# Apache httpd : SSL/TLS Setting

<table class="base" id="bkmrk-%C2%A0-configure-ssl%2Ftls-"><tbody><tr><td class="num"> </td><td>Configure SSL/TLS setting to use secure encrypt HTTPS connection.

</td></tr><tr><td class="num">\[1\]</td><td>[Get SSL Certificate, refer to here](https://www.server-world.info/en/note?os=FreeBSD_14&p=ssl&f=2).

</td></tr><tr><td class="num">\[2\]</td><td>Enable SSL/TLS settings.</td></tr></tbody></table>

<table class="term" id="bkmrk-root%40www%3A%7E-%23%C2%A0-vi-%2Fus"><tbody><tr><td><div class="block">root@www:~ # <div class="color1">vi /usr/local/etc/apache24/httpd.conf</div></div><div class="block"><div class="color2">\# line 92 : uncomment</div>  
LoadModule socache_shmcb_module libexec/apache24/mod_socache_shmcb.so</div><div class="block"><div class="color2">\# line 148 : uncomment</div>  
LoadModule ssl_module libexec/apache24/mod_ssl.so</div><div class="block"><div class="color2">\# line 526 : uncomment</div>  
Include etc/apache24/extra/httpd-ssl.conf</div><div class="block">root@www:~ # <div class="color1">vi /usr/local/etc/apache24/extra/httpd-ssl.conf</div></div><div class="block"><div class="color2">\# line 125, 126 : change to your server name and admin email</div>  
DocumentRoot "/usr/local/www/apache24/data"  
ServerName <div class="color1">www.srv.world:443</div>  
ServerAdmin <div class="color1">root@srv.world</div>  
ErrorLog "/var/log/httpd-error.log"  
TransferLog "/var/log/httpd-access.log"</div><div class="block"><div class="color2">\# line 144 : change to the certificate you got in [1]</div>  
SSLCertificateFile <div class="color1">"/usr/local/etc/letsencrypt/live/www.srv.world/cert.pem"</div></div><div class="block"><div class="color2">\# line 154 : change to the certificate you got in [1]</div>  
SSLCertificateKeyFile <div class="color1">"/usr/local/etc/letsencrypt/live/www.srv.world/privkey.pem"</div></div><div class="block"><div class="color2">\# line 165 : uncomment and change to the certificate you got in [1]</div>  
SSLCertificateChainFile <div class="color1">"/usr/local/etc/letsencrypt/live/www.srv.world/chain.pem"</div></div>root@www:~ # <div class="color1">service apache24 reload</div>  
</td></tr></tbody></table>

<table class="base" id="bkmrk-%5B3%5D-if-you%27d-like-to" style="width: 100%;"><tbody><tr><td class="num" style="width: 4.20409%;">\[3\]</td><td style="width: 95.7959%;">If you'd like to set HTTP connection to redirect to HTTPS (Always on SSL/TLS), Set RewriteRule to each Host settings.  
For example, [if you set Virtual Hostings like the link here](https://www.server-world.info/en/note?os=FreeBSD_14&p=httpd&f=2), Add RewriteRule like follows. Or It's possible to set RewriteRule in \[.htaccess\] not in \[httpd.conf\].</td></tr></tbody></table>

<table class="term" id="bkmrk-root%40www%3A%7E-%23%C2%A0-vi-%2Fus-1"><tbody><tr><td><div class="block">root@www:~ # <div class="color1">vi /usr/local/etc/apache24/httpd.conf</div></div><div class="block"><div class="color2">\# line 181 : uncomment</div>  
LoadModule rewrite_module libexec/apache24/mod_rewrite.so</div><div class="block">root@www:~ # <div class="color1">vi /usr/local/etc/apache24/Includes/vhost.conf</div></div>```
<VirtualHost *:80>
    DocumentRoot /usr/local/www/apache24/data
    ServerName www.srv.world
    # add RewriteRule
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

```

root@www:~ # <div class="color1">service apache24 reload</div>  
</td></tr></tbody></table>

<table class="base_win" id="bkmrk-%5B4%5D-verify-to-access"><tbody><tr><td class="num">\[4\]</td><td>Verify to access to the test page from any client computer with Web browser via HTTPS.</td></tr></tbody></table>