Scribd Logo
Upload

Welcome to Scribd!

  • Setup HTTPS/SSL on Apache Web Server

    Uploaded by

    Fajar Bakhrun N
    22 views9 pages
    ssl

    Original Title

    HTTPS

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    ssl

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    22 views9 pages

    Setup HTTPS/SSL on Apache Web Server

    Uploaded by

    Fajar Bakhrun N
    ssl

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 9

    HTTPS/SSL

    Oleh: Idris Winarno


    Persiapan
    Pastikan repository debian
    # vim /etc/apt/sources.list
    deb http://kebo.vlsm.org/debian etch main contrib non-free

    # apt-get update
    Installasi DNS Server
    Materi dapat di download di:
    http://kebo.vlsm.org/~idris/file/admin_jarkom/DNSserver.pdf

    Tambahkan subdomain ssl


    # vim /var/cache/bind/(nama file)
    Installasi Web Server
    Materi dapat di download di:
    http://kebo.vlsm.org/~idris/file/admin_jarkom/P1%20-%20Apache.pdf

    Tambah kan port 443


    # vim /etc/apache2/ports.conf

    Tambahkan namevirtual
    # vim /etc/apache2/conf.d/virtual
    NameVirtualHost *:80
    NameVirtualHost *:443

    Hapus NameVirtualHost yang ada di /etc/apache2/sites-


    enables/000-default

    Aktikan module ssl


    # a2enmod ssl
    # /etc/init.d/apache2 restart
    Installasi Certificate
    Installasi:
    # apt-get install openssl ssl-cert
    Pebuatan Certificate
    Buat folder untuk meletakkan cert
    # mkdir /etc/apache2/ssl
    # cd /etc/apache2/ssl

    Membuat cert
    # openssl req new > domainku.csr
    # openssl rsa in privkey.pem out domainku.key
    # openssl x590 in domainku.csr out domainku.cert
    req signkey domainku.key days 365
    Generating a 1024 bit RSA private key
    ...........++++++
    ...............++++++
    writing new private key to 'privkey.pem'
    Enter PEM pass phrase:
    Verifying - Enter PEM pass phrase:
    -----
    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
    Country Name (2 letter code) [AU]:ID
    State or Province Name (full name) [Some-State]:East Java
    Locality Name (eg, city) []:Surabaya
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:PENS-ITS
    Organizational Unit Name (eg, section) []:UPT Jaringan
    Common Name (eg, YOUR name) []:domainku.com
    Email Address []:idris@eepis-its.edu

    Please enter the following 'extra' attributes


    to be sent with your certificate request
    A challenge password []:my pass
    An optional company name []:PENS-ITS
    Integrasi cert di apache
    Edit sites-enabled
    # vim /etc/apache2/sites-enabled/000-default
    <VirtualHost *:443>
    SSLEngine On
    SSLCertificateFile /etc/apache2/ssl/domainku.cert
    SSLCertificateKeyFile /etc/apache2/ssl/domainku.key
    ServerName ssl.domainku.com
    ServerAdmin idris@eepis-its.edu
    DocumentRoot /var/www/
    <Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all
    # This directive allows us to have apache2s default start page
    # in /apache2-default/, but still have / go to the right place
    # RedirectMatch ^/$ /apache2-default/
    </Directory>
    </VirtualHost>
    Testing
    Restart server apache2
    # /etc/init.d/apache2 restart

    Buka web browser dan akses


    https://ssl.domainku.com

    Cek certificate yang ada di browser

    You might also like