Add SSL support for Apache in Ubuntu

Make sure that Apache is successfully installed, configured, and running. Install necessary software install openssl: apt-getinstallopenssl install ssl-cert: apt-getinstallssl-cert load apachessl module: a2enmodssl create ssl directory under apache: mkdir/etc/ap

Make sure that Apache is successfully installed, configured, and running.

Install necessary software

Install openssl:

Apt-get install openssl

Install ssl-cert:

Apt-get install ssl-cert

Load apache ssl module

Load the apache ssl module:

A2enmod ssl

Create an ssl directory under apache:

Mkdir/etc/apache2/ssl

Create Certificate-Related Files

Enter the/etc/apache2/ssl directory and create a private key. You need to enter the same keywords twice:

Openssl genrsa-des3-out my-server.key 1024

Create a certificate:

Openssl req-new-key my-server.key-x509-out my-server.crt-config/etc/ssl/openssl. cnf

If you want to extend the validity period by one month by default, you can add the following parameters:

-Days 3650

Create and run sites

Create a site file/etc/apache2/sites-available/ssl. Main content:

 NameVirtualHost *:443<VirtualHost *:443>        ServerAdmin webmaster@localhost        DocumentRoot /var/www/        <Directory />                Options FollowSymLinks                AllowOverride None        
  Directory>        <Directory /var/www/>                Options Indexes FollowSymLinks MultiViews                AllowOverride None                Order allow,deny                allow from all        
   Directory>        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/        <Directory "/usr/lib/cgi-bin">                AllowOverride None                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch                Order allow,deny                Allow from all        
    Directory>        ErrorLog /var/log/apache2/error.log        # Possible values include: debug, info, notice, warn, error, crit,        # alert, emerg.        LogLevel warn        CustomLog /var/log/apache2/access.log combined        ServerSignature On    Alias /doc/ "/usr/share/doc/"    <Directory "/usr/share/doc/">        Options Indexes MultiViews FollowSymLinks        AllowOverride None        Order deny,allow        Deny from all        Allow from 127.0.0.0/255.0.0.0 ::1/128    
     Directory>SSLEngine onSSLCertificateFile /etc/apache2/ssl/my-server.crtSSLCertificateKeyFile /etc/apache2/ssl/my-server.key
      VirtualHost>

The ssl site is set to run:

A2ensite ssl

After you restart apache, you can access it through https. Because the certificate is generated by yourself, the following situations may occur when you access through ie7:Continue to browse this websiteYou can.

Manually import certificates

If the preceding method is accessed through a browser, a warning is displayed in the address bar of ie7:

There will also be a warning in google chrome:

If this is too confusing (in fact it does not affect the use of), you can manually import the certificate, the/etc/apache2/ssl/my-server.crt file for users to download. Double-click the file after the download:

Click: Install Certificate

Select the root certificate entry. After the installation, the access will no longer receive a warning.