Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
12Activity
0 of .
Results for:
No results containing your search query
P. 1
Configuring Apache HTTP Server for Secure Socket Layer

Configuring Apache HTTP Server for Secure Socket Layer

Ratings: (0)|Views: 80 |Likes:
Published by api-3804031

More info:

Published by: api-3804031 on Dec 04, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

03/18/2014

pdf

text

original

Configuring Apache HTTP Server 2.2.3 for Secure Socket Layer
[openssl]200
9
Configuring Apache HTTP Server for Secure
Socket Layer [SSL]
@ The steps involved to configure SSL support in Apache are
listed here:

1. Install OpenSSL on your server, if it is not already
installed. Most
Linux systems should have OpenSSL installed.

2. Check whether your Apache installation has mod_ssl
support. If not,
you would need to build Apache from source with the
mod_ssl

support.
3. Get or generate an SSL certificate, and install it in

Apache.
4. Make configuration changes in Apache for mod_ssl.
5. Test the SSL-enabled Apache-Tomcat setup.

@ Initial step
. Install the Apache HTTP Server 2.2.3 that having openssl
. To test whether openssl installed properly in the system, go

to the
<APACHE_HOME>/bin dir,
then type the following command

<APACHE_HOME>/bin>openssl version
. It gives the output similar to the following one,
.If OpenSSL is installed, you should see a report of the
version
number, similar to the following.
OpenSSL 0.9.8e 28 Feb 2007
@ Generating a Test Certificate with OpenSSL
Following are the main steps involved:
1. Create a configuration file for generating the certificate.
1
Configuring Apache HTTP Server 2.2.3 for Secure Socket Layer
[openssl]200
9
2. Create a certificate signing request; this is what you
submit to a CA
if you are buying a certificate.
3. Purchase a certificate from a CA or create a self signed

certificate.
4. Remove the passphrase from the private key.
5. Install the key and certificate to the server.

1. Configuration File for Generating a Certificate
Create a working directory called\u201ccertworks\u201d. You
can
generate all the required requests, keys,
configuration, and
certificates here.
A configuration file is required for generating the
server
certificate. A sample configuration file is presented
in the
following listing. Save the following contents in a file
named
"myconfig.file" in the certworks directory.

RANDFILE = ./random.txt
[req]
default_bits = 1024
default_keyfile = keyfile.pem
attributes = req_attributes
distinguished_name = MCA
prompt = no
output_password = mypassword
[MCA]
C = IN
ST = AP
L = HYD
O = MCA
OU = MCA 1
CN = 127.0.0.1
emailAddress = mail@myserver.com

2
Configuring Apache HTTP Server 2.2.3 for Secure Socket Layer
[openssl]200
9
[req_attributes]
challengePassword = mypassword
.If you are testing on your own local LAN, you should
change the CN
(Common Name) entry to the fully qualified hostname
or IP of your
host. In the example above, the CN is set to 127.0.0.1.
. If you are actually setting this up for a registered fully
qualified
domain name, this entry must match exactly the
domain that you
are requesting the certificate for. If your users are not
using thisexact name to access your site; they get a security
warning from the
browser.
.The key generator needs a file containing a random
number to add
entropy to the algorithm. Create a file called
random.txt and put a
large random number in it.
2. Create a Certificate Signing Request
The command for creating a certificate signing
request is as follows:
openssl req -new -outserver. csr -config
myconfig.file
If you use the configuration from the myconfig.file,

this step
creates a certificate signing request (server.csr) and a
private key (keyfile.pem).

The following is a sample output from this command:
Generating a 1024 bit RSA private key
3

Activity (12)

You've already reviewed this. Edit your review.
1 hundred reads
shikha_bhat_1 liked this
adilagailey liked this
purwish liked this
rhythmbd liked this
shekar_bandi liked this
astn98 liked this
Guta Saputra liked this
shekar_bandi liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->