Install mod_ssl
yum update
yum install mod ssl
Create an SSL Certificate
cd /etc/tls/certs
openssl genrsa -des3 -out apachekey.pem 2048
Generate a Certificate Signing Request (CSR)
Type the following command:
# openssl req -new -key apachekey.pem -out apachekey.csr
Create the Web Server Certificate
You must signed the CSR to create the web server certificate, enter (you can send it to your CA to sign the same). To sign httpserver.csr using your CA:
# openssl ca -in apachekey.csr -out apachecert.pem
Install SSL Certificate
Copy server key and certificates files /etc/tls/http/, enter:
# cp apachecert.pem /etc/tls/http/
# cp apachekey.pem /etc/tls/http/
Edit /etc/httpd/conf.d/ssl.conf, enter:
# vi /etc/httpd/conf.d/ssl.conf
Listen to the the HTTPS port, enter:
Listen 10.10.29.68:443
Update it as follows to seed appropriately, enteR:
SSLRandomSeed startup file:/dev/urandom 1024 SSLRandomSeed connect file:/dev/urandom 1024
Update VirtualHost as follows:
<VirtualHost www.ajayadas.com:443>
SSLEngine On
SSLCertificateFile /etc/tls/http/apachecert.pem
SSLCertificateKeyFile /etc/tls/http/apachekey.pem
SSLProtocol All -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:+MD5
DocumentRoot "/var/www/html/ssl"
ServerName www.ajayadas.com:443
</VirtualHost>
Save and close the file. Make sure /var/www/html/ssl exits, enter:
# mkdir -p /var/www/html/ssl
Edit /etc/httpd/conf/httpd.conf, enter:
# vi /etc/httpd/conf/httpd.conf
Make sure SSL is used for /var/www/html/ssl and set other options for the same, enter:
<Directory /var/www/html/ssl>
SSLRequireSSL
SSLOptions +StrictRequire
SSLRequire %{HTTP_HOST} eq "www.ajayadas.com"
ErrorDocument 403 https://www.ajayadas.com/sslerror.html
</Directory>
Now, you can upload ssl specific php or html pages in /var/www/html/ssl directory and can access them by visiting https://www.nixcraft.com/ url. Do not forgot to restart Apache:
# service httpd restart
