==== Apache ===
=== SSL (https) ===

A special thing for getting Apache2 starting withaut user-interaction is also to store a decrypted key, since without Apache will ask at every start for the password...\\
  mv /etc/ssl/private/station7_key.pem /etc/ssl/apache2/private/station7_secure-key.pem
  openssl rsa -in /etc/ssl/private/station7_secure-key.pem -out /etc/ssl/apache2/private/station7_decrypted-key.pem
\\
Enable mod_ssl and mod_rewrite in **/etc/sysconfig/apache2:**\\ 
Modify the APACHE_MODULES:
  APACHE_MODULES="access actions alias auth auth_dbm autoindex cgi dir env expires include log_config mime negotiation \ 
  rewrite setenvif suexec userdir php4 php5"
with the ssl-module:
  APACHE_MODULES="access actions alias auth auth_dbm autoindex cgi dir env expires include log_config mime negotiation \ 
  rewrite setenvif suexec userdir php4 php5 ssl"
and the APACHE_SERVER_FLAGS:
  APACHE_SERVER_FLAGS="SSL"
\\
Modify **/etc/apache2/listener.conf:**
  Listen 80
  <IfDefine SSL>
    <IfDefine !NOSSL>
        <IfModule mod_ssl.c>
            Listen 443
        </IfModule>
    </IfDefine>
  </IfDefine>
  
  # Use name-based virtual hosting
  NameVirtualHost *:80
  NameVirtualHost *:443
Create two virtual-host configurations: \\ 
**/etc/apache2/vhosts.d/station7.conf:**
  <VirtualHost *:80>
    ServerAdmin hostmaster@example.com
    ServerName station7.example.com
    DocumentRoot /srv/www/htdocs/
    ErrorLog /var/log/apache2/station7_error.log
    CustomLog /var/log/apache2/station7_access.log combined
    ServerSignature On
  
    # This rule will redirect users from their original location, to the same location but using HTTPS.
    # i.e.  http://www.example.com/foo/ to https://www.example.com/foo/
    # enable mod_rewrite:
    RewriteEngine On
  
    # check if connection is not already https:
    RewriteCond %{HTTPS} !=on
  
    # force https:
    RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
  </VirtualHost>

and **/etc/apache2/vhosts.d/station7-ssl.conf:**
  <IfDefine SSL>
  <IfDefine !NOSSL>
  
  <VirtualHost *:443>
        DocumentRoot /srv/www/htdocs/
        ServerName station7.example.com:443
        ServerAdmin hostmaster@example.com
        ErrorLog /var/log/apache2/station7-ssl_error.log
        TransferLog /var/log/apache2/station7-ssl_access.log
        SSLEngine on
        SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
        SSLCertificateFile /etc/ssl/certs/station7_cert.pem
        SSLCertificateKeyFile /etc/ssl/private/station7_decrypted-key.pem
        <Files ~ "\.(cgi|shtml|phtml|php3?)$">
            SSLOptions +StdEnvVars
        </Files>
        <Directory "/srv/www/cgi-bin">
            SSLOptions +StdEnvVars
        </Directory>
        SetEnvIf User-Agent ".*MSIE.*" \
                 nokeepalive ssl-unclean-shutdown \
                 downgrade-1.0 force-response-1.0
        CustomLog /var/log/apache2/ssl_request.log   ssl_combined
  </VirtualHost>
  
  </IfDefine>
  </IfDefine>
\\ 
\\ 
<- [[commserv:index|index]]