Creating Certificate and activating apache’s mod-ssl (https) for Ubuntu and Slackware

Posted: September 20, 2011 in Linux, Slackware, Ubuntu

It’s actually quite an easy and painless process, but I always forget the steps, so I am writing them down here as a reminder for myself. I hope this can help others too ;)

First, for Apache’s mod-ssl (https) to work, we have to create a certificate.

Creating a certificate

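Generate the passphrase-protected private key for the Certificate Signing Request (CSR). Use at least 2048 bits; 1024-bit RSA keys are no longer considered adequate and are rejected by OpenSSL builds running at security level 2:

openssl genrsa -des3 -out server.key 2048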

Create the insecure key, the one without a passphrase, so that Apache can start without prompting for it:

openssl rsa -in server.key -out server.key.insecure

Shuffle the key names:

mv server.key server.key.secure

mv server.key.insecure server.key

Create the CSR:

openssl req -new -key server.key -out server.csr

Create the self-signed certificate:

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Install the key file server.key and certificate file server.crt:

sudo cp server.crt /etc/ssl/certs

sudo cp server.key /etc/ssl/private

Ubuntu:

Enable the mod_ssl module:

sudo a2enmod ssl

Restart the service to enable the new settings:

sudo /etc/init.d/apache2 restart

Slackware:

Edit httpd.conf:

pico /etc/httpd/httpd.conf

Enable the mod_ssl module by removing the comment marker (#) in front of this line:

LoadModule ssl_module lib/httpd/modules/mod_ssl.so
and this:
Include /etc/httpd/extra/httpd-ssl.conf

Change the location of the certificate and key:

SSLCertificateFile "/etc/httpd/server.crt"
to:
SSLCertificateFile "/etc/ssl/certs/server.crt"

SSLCertificateKeyFile "/etc/httpd/server.key"
to:
SSLCertificateKeyFile "/etc/ssl/private/server.key"

Restart apache:

/etc/rc.d/rc.httpd restart

Last but not least, don’t forget to check the webserver directory on apache’s mod-ssl config:

Ubuntu:

pico /etc/apache2/sites-enabled/default-ssl

Slackware:

pico /etc/httpd/extra/httpd-ssl.conf
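
While that config file is open, the settings from the steps above can be linted as well. The following is an added example, not part of the original post: a POSIX shell function that checks the certificate and key paths, the key file permissions, SSLEngine, and typographic quotes pasted from a web page. The function names check_ssl_conf and directive are made up for this example, and it assumes one SSL virtual host per file and paths without spaces.

```shell
#!/bin/sh
# Added example (not from the original post): lint an Apache SSL config.
# Assumes one SSL virtual host per file and paths without spaces.
# Usage: check_ssl_conf /etc/httpd/extra/httpd-ssl.conf

# Print the first uncommented value of a directive, ASCII quotes stripped.
directive() {  # $1 = config file, $2 = directive name
    awk -v d="$2" 'tolower($1) == tolower(d) { gsub(/"/, "", $2); print $2; exit }' "$1"
}

# Prints one line per finding; returns the number of findings (0 = clean).
check_ssl_conf() {
    conf=$1
    findings=0
    report() { echo "FINDING: $*"; findings=$((findings + 1)); }

    # Curly quotes copied from a web page are not quoting characters to Apache.
    if grep -v '^[[:space:]]*#' "$conf" | grep -q -F -e '“' -e '”'; then
        report "typographic quotes in $conf, replace them with plain \" quotes"
    fi

    # Without "SSLEngine on" the port 443 listener answers in plain HTTP.
    engine=$(directive "$conf" SSLEngine | tr 'A-Z' 'a-z')
    [ "$engine" = "on" ] || report "SSLEngine is not set to on"

    cert=$(directive "$conf" SSLCertificateFile)
    key=$(directive "$conf" SSLCertificateKeyFile)
    [ -r "$cert" ] || report "certificate file not readable: ${cert:-unset}"

    # The passphrase-less key must be readable by its owner only.
    if [ ! -f "$key" ]; then
        report "key file not found: ${key:-unset}"
    elif [ "$(ls -ldL "$key" | cut -c5-10)" != "------" ]; then
        report "key file $key is accessible to group/other, chmod 600 it"
    fi
    return "$findings"
}
```

Run it as root so the key under /etc/ssl/private is visible; an exit status of 0 means no findings.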

Comments
  1. adimutu06 says:

    It’s not working although 443 is open. This is what I get in FF:

    Secure Connection Failed

    An error occurred during a connection to localhost.

    SSL received a record that exceeded the maximum permissible length.

    (Error code: ssl_error_rx_record_too_long)

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

  2. Michael says:

    “Last but not least, don’t forget to check the webserver directory on apache’s mod-ssl config:”
    check it for…..?
