Académique Documents
Professionnel Documents
Culture Documents
Lotts docs out there, some are better than others, but most are a bit confusing. Just dropping this here for potential future need The 2 best I came across are:
1. 2.
http://www.akadia.com/services/ssh_test_certificate.html http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html/
I found that steps 1-4 in the first guide are easy to follow and will work well to generate your keys. Then follow the second guide to enable SSL on your Apache and set things up.
Step 2: Generate a CSR (Certificate Signing Request) openssl req -new -key server.key -out server.csr
When asked for Common Name make sure to fill either public IP or full qualified domain name (sub.domain.com).
Step 3: Remove Passphrase from Key cp server.key server.key.org openssl rsa -in server.key.org -out server.key
Step 4: Generating a Self-Signed Certificate openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Step 5: Copy the server.crt and server.key files into position cp server.key /etc/apache2/ssl cp server.crt /etc/apache2/ssl
Step 7: Create a stub SSL conf. file (if needed) and establish a necessary symlink -
(Note: If using Ubuntu 10.04+ you may want to backup the original SSL conf also): cp /etc/apache2/sites-available/default-ssl default-ssl_original
Now you need to declare the IP of your box (or FQDN/DNS name) and document roots you created in a previous step.
To configure HTTP over port 80 (edit /etc/apache2/sites-available/default) and add/replace (replace): ServerName {Your IP or FQDN}:80
To configure HTTP over port 443 (edit /etc/apache2/sites-available/default) and add/replace (replace): ServerName {Your IP or FQDN}:443
Edit /etc/apache2/ports.conf and verify the following exist (or add it):
Listen 443
Edit /etc/apache2/ports.conf and verify the following exist (or add it): SSLEngine On SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key
Obviously this will produce a warning on the browser side, since the certificate is self-signed. So if thats important, make sure to purchase a signature from Verisign or simliar.
Source:
http://www.zoharbabin.com/install-ssl-on-ubuntu-and-enable-https