APACHE2 CREATE SSL(HTTPS)

All the cloudlflare setting will be same as the top post.

We are now letting you know how to generate the certificate and key for apache2.

STEP1: ENABLE SSL MODULE ON APACHE2 AND RESTART APACHE2

a2enmod ssl
systemctl restart apache2

STEP2: CREATE A SELF-SIGNED APACHE SSL CERTIFICATE

sudo mkdir /etc/apache2/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

You will get below question and please answer accordingly like below:

Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:New York
Locality Name (eg, city) []:New York City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Bouncy Castles, Inc.
Organizational Unit Name (eg, section) []:Ministry of Water Slides
Common Name (e.g. server FQDN or YOUR name) []:your_domain.com
Email Address []:admin@your_domain.com

After this all question you will see 2 thing in /etc/apache2/ssl/

apache.key

apache.crt

STEP3: EDITING YOUR APACHE SSL CONFIG FILE TO SUPPORT HTTPS

vi /etc/apache2/sites-available/default-ssl.conf

and make your file look like below:

 
 ServerAdmin admin@example.com
 ServerName your_domain.com
 ServerAlias www.your_domain.com
 DocumentRoot /var/www/html
 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined
 SSLEngine on
 SSLCertificateFile /etc/apache2/ssl/apache.crt
 SSLCertificateKeyFile /etc/apache2/ssl/apache.key
 
 SSLOptions +StdEnvVars
 SSLOptions +StdEnvVars
 BrowserMatch "MSIE [2-6]" 
 nokeepalive ssl-unclean-shutdown 
 downgrade-1.0 force-response-1.0
 BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

And you can now test your https://domain.com

And please setup cloudflare with the Step4 on nginx section.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *