Apache httpd : SSL/TLS Setting
|
Configure SSL/TLS setting to use secure encrypt HTTPS connection. |
|
| [1] | |
| [2] | Enable SSL/TLS settings. |
|
root@www:~ #
vi /usr/local/etc/apache24/httpd.conf
# line 92 : uncomment
LoadModule socache_shmcb_module libexec/apache24/mod_socache_shmcb.so # line 148 : uncomment
LoadModule ssl_module libexec/apache24/mod_ssl.so # line 526 : uncomment
Include etc/apache24/extra/httpd-ssl.conf root@www:~ #
vi /usr/local/etc/apache24/extra/httpd-ssl.conf
# line 125, 126 : change to your server name and admin email
DocumentRoot "/usr/local/www/apache24/data" ServerName www.srv.world:443
ServerAdmin root@srv.world
ErrorLog "/var/log/httpd-error.log" TransferLog "/var/log/httpd-access.log" # line 144 : change to the certificate you got in [1]
SSLCertificateFile "/usr/local/etc/letsencrypt/live/www.srv.world/cert.pem"
# line 154 : change to the certificate you got in [1]
SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/www.srv.world/privkey.pem"
# line 165 : uncomment and change to the certificate you got in [1]
SSLCertificateChainFile "/usr/local/etc/letsencrypt/live/www.srv.world/chain.pem"
service apache24 reload
|
| [3] | If you'd like to set HTTP connection to redirect to HTTPS (Always on SSL/TLS), Set RewriteRule to each Host settings. For example, if you set Virtual Hostings like the link here, Add RewriteRule like follows. Or It's possible to set RewriteRule in [.htaccess] not in [httpd.conf]. |
|
root@www:~ #
vi /usr/local/etc/apache24/httpd.conf
# line 181 : uncomment
LoadModule rewrite_module libexec/apache24/mod_rewrite.so root@www:~ #
vi /usr/local/etc/apache24/Includes/vhost.conf
<VirtualHost *:80>
DocumentRoot /usr/local/www/apache24/data
ServerName www.srv.world
# add RewriteRule
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>
root@www:~ #
service apache24 reload
|
| [4] | Verify to access to the test page from any client computer with Web browser via HTTPS. |