APACHE2 CREATE SSL(HTTPS)
All the cloudlflare setting will be same as the top post.
We are now letting you know how to generate the certificate and key for apache2.
STEP1: ENABLE SSL MODULE ON APACHE2 AND RESTART APACHE2
a2enmod ssl systemctl restart apache2
STEP2: CREATE A SELF-SIGNED APACHE SSL CERTIFICATE
sudo mkdir /etc/apache2/ssl sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
You will get below question and please answer accordingly like below:
Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:New York Locality Name (eg, city) []:New York City Organization Name (eg, company) [Internet Widgits Pty Ltd]:Bouncy Castles, Inc. Organizational Unit Name (eg, section) []:Ministry of Water Slides Common Name (e.g. server FQDN or YOUR name) []:your_domain.com Email Address []:admin@your_domain.com
After this all question you will see 2 thing in /etc/apache2/ssl/
apache.key
apache.crt
STEP3: EDITING YOUR APACHE SSL CONFIG FILE TO SUPPORT HTTPS
vi /etc/apache2/sites-available/default-ssl.conf
and make your file look like below:
ServerAdmin admin@example.com
ServerName your_domain.com
ServerAlias www.your_domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
BrowserMatch "MSIE [2-6]"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
And you can now test your https://domain.com
And please setup cloudflare with the Step4 on nginx section.
Leave a Reply
Want to join the discussion?Feel free to contribute!