Skip to main content
  1. Posts/

Configuring Apache with a SSL Connection

·2 mins

You can download the latest version of Apache from here: Apache, and the documentation for installing and configuring the server can be found here: Official Docs

(If you are using BackTrack, Apache will be already installed and configured)

The path of Apache is /etc/apache/

(The Apache version shown here is apache2, it will differ if you have a different version)

Steps:

Create a directory for keeping the SSL certificates and go to the directory

# mkdir ssl

# cd ssl

Create the server key, using the ‘des3’ algorithm with 1024 bits. You will be asked a passphrase which you need to remember

# openssl genrsa -des3 -out server.key 1024

Create the Certificate signing element by providing the passphrase for the server.key and the Certificate details

# openssl req -new -key server.key -out server.csr

Create the Certificate using the X509 authentication standard, for a validity of 365 days

# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

You can check the list of files created by the ‘ls’ command, and to watch the contents of these files by ‘cat’ command

Start the apache server by the following command

# /etc/init.d/apache2 start

Check your server by typing http://localhost in your browser.

Now you need to make changes for including the SSL connection. First go to the directory sites-available

# cd sites-available

Modify the file “default-ssl” by replacing the contents of SSLCertificateKey and SSLCertificateFile as shown below:

Modify the file “default” by copying the the Virtual host from above and making the changes as in it as shown:

In the folder /etc/apache2/ you need to make changes to the ‘httpd.conf’ file by adding these two lines to the blank file:

Now provide the command to start the ssl service

# a2enmod ssl

Restart the apache service and you will get the service started as shown below:

Congratulations! Your SSL Apache server has started.

Now try to browse your Apache from a remote machine, by typing “http://ip of your server” in its browser.

To check the SSL connection, try ‘https’ instead of ‘http’ before the ip address

At first time, you will get a message that it is an untrusted connection (because it is using a certificate which we have just created, and your will not be having that certificate) Add and exception for the certificate.

After you add an exception for the certificate, finally you will get the SSL connection to the Apache server. The SSL connection will work until you have the respective certificate added to your browser.