Apache2 with SSL in Suse 9.2
We are assuming that you just want a SSL encrypted connection with a non-official Certificate (Non-Authorative). So follow the following steps:
- Turn apache2 off first by executing: /etc/rc.d/apache2 stop
- Generate a "fake" certificate using the following command: /usr/bin/gensslcert -c CA -s ON -l "Your_city" -o "Your_organization" -e your_name@your_isp.com -d -n FQDN Where:
- -C Common name "$name"
-N comment "$comment"
-c country (two letters, e.g. DE) $C
-s state $ST
-l city $L
-o organisation "$O"
-u organisational unit "$U"
-n fully qualified domain name $CN ($FQHOSTNAME)
-e email address of webmaster webmaster@$CN
-y days server cert is valid for $srvdays
-Y days CA cert is valid for $CAdays
-d run in debug mode
-h show usage - This will generate the necessary certs in the right directory.
- In /etc/sysconfig/apache2 make sure you have "ssl" under APACHE_MODULES. (ie: APACHE_MODULES="access actions alias auth auth_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif status suexec userdir ssl").
- In the same file also add (check) the SSL flag (ie: APACHE_SERVER_FLAGS="-D SSL") and increase the timeout value (ie: APACHE_START_TIMEOUT="5").
- Save the file
- In /etc/apache2/vhosts.d directory do the following:
- cp vhost-ssl.template vhost-ssl.conf
- edit vhost-ssl.conf in /etc/apache2/vhosts.d and make sure the following are in place and uncommented:
- ServerName FQDN (The FQDN has to match the cert exactly).
- ServerAdmin your@email.address (The Email address has to match the cert).
- Do a dry test run with this command to make sure everything is in place using the following command:
- httpd2 -D SSL -S
- If you get no error and Sysntax is okay continue, if not you did something wrong :-)
- Restart the server with /etc/rc.d/apache2 start