SSL Certificate Installation on Apache HTTP Server

This article assumes you already have the cert files needed, in case you don't know how to get your cert files. Below are some sample commands used to generate CSRs which you need to provide to Certification Authority for cert file generation.

openssl req -new -keyout server.key -out server.csr

In case you want decode them for detailed information

openssl req -in server.csr -noout -text

And if you hate to type the password everytime when Apache restarts, you'd better decrypt the private key

openssl rsa –in enc.key -out dec.key

Let's start the real work.

Step1. Enable SSL Module

Uncomment below two lines in httpd.conf

LoadModule ssl_module modules/mod_ssl.so

Include conf/extra/httpd-ssl.conf

Step2. SSL Configuration

Edit below parameters in httpd-ssl.conf

SSLCertificateFile /etc/ssl/crt/primary.crt
SSLCertificateKeyFile /etc/ssl/crt/private.key
SSLCertificateChainFile /etc/ssl/crt/intermediate.crt

add JkMount declaration

JkMount /demo ajp13

JkMount /demo/* ajp13

Step3. Restart Apache

If everything goes well, you can access your app via https.

本文出自 “那個蒙奇” 部落格，請務必保留此出處http://thatmonkey.blog.51cto.com/7935609/1301480