Install a certificate for Apache release 2 OVH (base gentoo)
You received your certificate by email with one or several intermediate certificates and a root certificate. Keep this email within reach.1- Retrieve your certificate(s) on your server
Go back where the private key has been generated, for example:cd /etc/httpd/ssl.crtor
cd /usr/local/apache/conf/ssl.keyIn the delivery email you'll find several links. Click on them and download the associated files:
- A: your server certificate
- B: the certification chain
2- Set up Apache
Edit your Apache 2 configuration file:/etc/httpd/ssl.confIf there is just one certificate on this machine, spot the section beginning with:
<VirtualHost _default_:443>In order to serve your content, edit the line as you wish: DocumentRoot and ServerName
and edit the following instructions to mahke them point to your files:
# SSL configuration # 128-bit mini PFS favored #SSLCipherSuite !EDH:!ADH:!DSS:!RC2:HIGH:MEDIUM:+3DES:+RC4 # 128-bit maximal security SSLCipherSuite !EDH:!ADH:!DSS:!RC4:HIGH:+3DES SSLProtocol all -SSLv2 -SSLv3 # your server certificate(A) SSLCertificateFile /etc/httpd/ssl.crt/cert-0000000000-1234.cer # your private key (previously generated) SSLCertificateKeyFile /etc/httpd/ssl.key/www.example.com.key
For the certification chain (B), add:
SSLCertificateChainFile /etc/httpd/ssl.crt/chain-0000000000-1234.txtSee SSLCertificateChainFile
3- Restart Apache and run a test
Once setted up, restart the Apache server./etc/init.d/apache restartIf it does not restart verify the SSL log (for any syntax error): /var/log/httpd/.
Check the access of your website's secured pages with IE 6 and Firefox.
External links
Recap example
<VirtualHost 192.2.0.20:443> DocumentRoot "/home/virtual/www" ServerName www.virtualhost.com SSLEngine on SSLCipherSuite !EDH:!ADH:!DSS:!RC4:HIGH:+3DES SSLProtocol ALL -SSLv2 -SSLv3 SSLCertificateFile "/usr/local/apache/conf/ssl.crt/www.virtualhost.com.crt" SSLCertificateKeyFile "/usr/local/apache/conf/ssl.key/www.virtualhost.com.key" SSLCACertificateFile "/usr/local/apache/conf/ssl.crt/thawteintermediate.crt" </VirtualHost>
Last edited on 11/24/2020 15:33:37 --- [search]