OpenSSL is an open-source implementation of the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols.
Generate a Private Key and a CSR
This begins the process of generating two files: the Private-Key
file for the decryption of your SSL Certificate, and a certificate signing request (CSR)
file (used to apply for your SSL Certificate).
# openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
Generating SSL Certificates
If we would like to use an SSL certificate to secure a service but we do not require a CA-signed certificate, a valid (and free) solution is
to sign your own certificates. We can Generate a Self-Signed Certificate from an Existing Private Key that we create before. This command creates a self-signed certificate (server.crt) from an existing private key (server.key).
# openssl req -key server.key -new -x509 -days 1095 -out server.crt
The -x509 option tells req to create a self-signed cerificate. The -days 1095 option specifies that the certificate will be valid for 1095 days (3 Years). A temporary CSR is generated to gather information to associate with the certificate.
[Apache] Redirect HTTP To HTTPS
If we want to redirect our web site to always be sent over SSL (HTTP TO HTTPS). We can do this :
1. Using Virtual Host
Just add this into apache config
<VirtualHost *:80>
ServerName example.com
Redirect / https://example.com/
</VirtualHost>
<VirtualHost _default_:443>
ServerName secure.example.com
DocumentRoot /usr/local/apache2/htdocs
SSLEngine On
# etc...
</VirtualHost>
Redirect permanent /login https://mysite.example.com/login
3. Using mod_rewrite
This config can be used on .htaccess or httpd.conf
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
1. Using Virtual Host
Just add this into apache config
<VirtualHost *:80>
ServerName example.com
Redirect / https://example.com/
</VirtualHost>
<VirtualHost _default_:443>
ServerName secure.example.com
DocumentRoot /usr/local/apache2/htdocs
SSLEngine On
# etc...
</VirtualHost>
2. Using .htaccess
Redirect permanent /login https://mysite.example.com/login
3. Using mod_rewrite
This config can be used on .htaccess or httpd.conf
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
0
comments
Labels:
Apache,
Web Server
Labels:
Apache,
Web Server
Subscribe to:
Posts (Atom)
