Monday, February 13, 2012

Enabling SSL on Apache2 for Testing

Enabling SSL on an apache2 installation is easy. There are plenty of instructions on the Web for doing this, but I thought I'd describe the way to do it using the latest Ubuntu installation of apache2, which is idiosyncratic.

  1. First you need to generate a self-signed certificate. I used the following command:
    openssl req -new -x509 -nodes -out server.crt -keyout server.key
    Now create a directory for these files inside your apache2 installation:
    sudo mkdir /etc/apache2/certs/
    And move the certificates to that location:
    sudo mv server.* /etc/apache2/certs/
  2. Next, edit /etc/apache2/sites-available/default-ssl, and change the two directives:
    SSLCertificateFile    /etc/apache2/certs/server.crt
    SSLCertificateKeyFile /etc/apache2/certs/server.key
    So they now point to your files.
  3. Now enable the ssl module in apache2, and the default ssl site:
    sudo a2enmod ssl
    sudo a2ensite default-ssl
  4. Finally, restart apache2:
    /etc/init.d/apache2 restart
    And it should work. Test it by going to https://localhost in the browser. It should give you a dialog complaining about how insecure this is. Just say that you understand the risks, enable the exception, and it will take you to the index.html page.

No comments:

Post a Comment