05.20.08
Enabling ssl on your apache2 with debian etch
This is in now way the definitive guide to getting ssl to work on your host. This is what worked for me.
First you need to get openssl
apt-get install openssl ssl-cert
Generate a self signed cert. This will protect your traffic however it will give warning in the browser of the user.
If you don’t want these warnings you will have to get a cert from a trusted certificate authority.
openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem
It will ask some questions, you can fill in what you want on most of them, however
Common Name (eg, YOUR name) []: *.yoursite.com
Make sure you give the name of your top level domain there.
Give the pem file the right permissions:
chmod 600 /etc/apache2/apache.pem
You want the server to listen on the ssl port, so you change /etc/apache2/ports.conf to
Listen 80
Listen 443
You add the Listen 443 line.
Now you want have to edit the default file
vi /etc/apache2/sites-available/default
Change
NameVirtualHost *
To
NameVirtualHost *:80
NameVirtualHost *:443
I looked long for this part, for some reason I have to add this to my default file, else ssl doesn’t work on my
other virtual hosts.
SSLCertificateFile /etc/apache2/apache.pem
SSLEngine On
Then you have to
add
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
to the definition of your host which you want to run with ssl.
sample:
ServerName sample.com
#other directives
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
SSLCertificateKeyFile /etc/apache2/apache.pem
/etc/init.d/apache2 restart
That’s it.