How to install SSL support for Apache 14.04 on Ubuntu 2.4

How to install SSL support for Apache 14.04 on Ubuntu 2.4

Today, I will describe how to install an SSL Certificate for your personal website or blog on Ubuntu 14.04 to protect the communication security between your visitors and the website.

Secure Sockets Layer (SSL) is a standard security technology used to encrypt connections between websites and browsers. This ensures the privacy and security of the data transmitted between the server and the browser. It is used by thousands of people to protect their communication with customers. To enable the SSL link, the Web server must install the SSL certificate.

You can create your own SSL certificate, but this is not trusted by the browser by default. To solve this problem, you need to purchase a certificate from a trusted Certificate Authority (CA, we will show you how to obtain the certificate and install it in apache.

Generate a Certificate Signature request

The CA requires you to generate a Certificate Signing Request (CSR) on your server ). This is a very simple process. You just need to run the following command on your server and enter the required information:

1. # Openssl req-new-newkey rsa: 2048-nodes-keyout yourdomainname. key-out yourdomainname. csr

The output looks like this:

In this step, two files are generated: a private key file used to decrypt the SSL Certificate, and a Certificate Signing Request (CSR) file (used to apply for your SSL certificate ).

According to the organization you apply for, you will need to upload the csr file or paste the file content in the website form.

Install the actual Certificate in Apache

After the generation step is complete, you will receive a new digital certificate. In this tutorial, we use Comodo SSL and receive the certificate in a zip file it sends to us. To use it in apache, you first need to use the following command to create a combined certificate with the received Certificate:

1. # Cat COMODORSADomainValidationSecureServerCA. crt COMODORSAAddTrustCA. crt AddTrustExternalCARoot. crt> bundle. crt

Run the following command to ensure that the ssl module has been loaded into apache:

1. # A2enmod ssl

If you see the information such as "Module ssl already enabled", it indicates that you have succeeded. If you see "Enabling module ssl", you also need to use the following command to restart apache:

1. # Service apache2 restart

Finally, modify your VM file (usually under/etc/apache2/sites-enabled) as follows ):

1. DocumentRoot/var/www/html/
2. ServerName linoxide.com
3. SSLEngine on
4. SSLCertificateFile/usr/local/ssl/crt/yourdomainname. crt
5. SSLCertificateKeyFile/usr/local/ssl/yourdomainname. key
6. SSLCACertificateFile/usr/local/ssl/bundle. crt

Now you can use https: // YOURDOMAIN/(Be sure to use 'https' instead of 'http') to access your website, the SSL progress bar is displayed (usually indicated by a lock in your browser ).

Note: currently, all content links must point to https. If some content on the website (such as images or css files) still points to http links, you will receive a warning in the browser. To fix this problem, make sure that each link points to https.

Redirect HTTP requests to HTTPS on your website

If you want to redirect a conventional HTTP request to HTTPS, add the following text to the virtual host you want to modify, or add the text to apache if you want to add all the websites on the server. conf:

1. RewriteEngineOn
2. RewriteCond % {HTTPS} off
3. RewriteRule (. *) https: // % {HTTP_HOST }%{ REQUEST_URI}

Install SVN integration Apache + SSL in CentOS 6.5

Use SSL Certificate in HAproxy 1.5