Amended Enabling SSL on Apache Cheatsheet

OmariTasneem · Jul 27, 2015 · b33b3f5 · b33b3f5
1 parent f882d46
commit b33b3f5
Showing 1 changed file with 15 additions and 18 deletions.
diff --git a/Cheatsheet_ApacheSSL.txt b/Cheatsheet_ApacheSSL.txt
@@ -2,38 +2,35 @@
 
 1. Install OpenSSL
 
+sudo apt-get install openssl
+
 2. Run the following command to generate the self signed SSL certificates:
 
-openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mysitename.key -out mysitename.crt
+sudo openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -out /etc/ssl/certs/server.crt -keyout /etc/ssl/private/server.key
 
-3. You will be prompted to enter your organizational information and a common name. The common name should be the fully qualified domain name for the site you are securing (www.mydomain.com). You can leave the email address, challenge password, and optional company name blank. When the command is finished running, it will create two files: a mysitename.key file and a mysitename.crt self signed certificate file valid for 365 days.
+3. Enable SSL for Apache
 
-4. Install the self signed certificate:
+sudo a2enmod ssl
 
-Make a backup copy of /etc/apache2/sites-enabled/000-default and open the original in a text editor.
+4. Put the default-ssl site available creating a symbolic link
 
-Add the lines in bold below. <VirtualHost 192.168.0.1:443>
-DocumentRoot /var/www/website
-ServerName www.domain.com
-SSLEngine on
-SSLCertificateFile /etc/ssl/certs/primary.crt
-SSLCertificateKeyFile /etc/ssl/certs/private.key
-SSLCertificateChainFile /etc/ssl/certs/intermediate.crt
-</VirtualHost>
+sudo ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/000-default-ssl.conf
 
-Change the names of the files and paths to match your certificate files. Save the changes and exit the text editor.
+5. Edit the file default-ssl.conf
 
-5. Enable mod_ssl under apache using the following commands:
+sudo nano /etc/apache2/sites-enabled/000-default-ssl.conf
 
-a2enmod ssl
-/etc/init.d/apache2 restart
+Change the following lines to point to the certs:
 
-## Add ServerName localhost 
+SSLCertificateFile    /etc/ssl/certs/server.crt
+SSLCertificateKeyFile /etc/ssl/private/server.key
 
-to /etc/apache2/apache2.conf
+6. Restart Apache
 
+sudo /etc/init.d/apache2 restart
 
 More information:
+https://hallard.me/enable-ssl-for-apache-server-in-5-minutes/
 https://www.sslshopper.com/article-how-to-create-and-install-an-apache-self-signed-certificate.html
 http://www.akadia.com/services/ssh_test_certificate.html
 https://www.sslshopper.com/apache-server-ssl-installation-instructions.html