ssl

In order to provide Transport Layer Security (TLS), same as for its predecessor Secure Sockets Layer (SSL), it is not compulsory to use a digital certificate issued by one of the well-known (trusted) certification authorities (CA), in case when authentication of the server is not of a particular interest. The so-called self-signed certificate (i.e. an identity certificate signed by the same entity whose identity it should certify) is able to ensure that the connection is secure.

1) Generate self-signed certificate, depending on the particular server environment (e.g. using keytool).
2) Configure the server to serve the requests over HTTPS.
3) Inform the client about the need to whitelist the self-signed certificate.

Solution for "Enable https on Apache 2"

    1. make a self signed certificate with the command:

    apache2-ssl-certificate
    2. enables the ssl mode for apache 2:

    a2enmod ssl
    3. Add the following line to ports.conf (probably located at /etc/apache2/ports.conf)

    Listen 443
    4. Add the following lines to the virtual hosts file. (Change the location of the ssl certificate file if necessary.)

    ServerName earth.my.flat

    DocumentRoot /var/www/
    ErrorLog /var/log/apache2/error.log
    CustomLog /var/log/apache2/access.log combined

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/apache.pem


http://www.debian-administration.org/articles/349

Subscribe to ssl