linux:commserv:apache2:config

Buch erstellen
 Diese Seite zum Buch hinzufügen
Buch erstellen
 Diese Seite aus Buch entfernen  

 Buch anzeigen, ändern(0 Seite/n)
 Hilfe

Apache

SSL (https)

A special thing for getting Apache2 starting withaut user-interaction is also to store a decrypted key, since without Apache will ask at every start for the password…

mv /etc/ssl/private/station7_key.pem /etc/ssl/apache2/private/station7_secure-key.pem
openssl rsa -in /etc/ssl/private/station7_secure-key.pem -out /etc/ssl/apache2/private/station7_decrypted-key.pem


Enable mod_ssl and mod_rewrite in /etc/sysconfig/apache2:
Modify the APACHE_MODULES: 

APACHE_MODULES="access actions alias auth auth_dbm autoindex cgi dir env expires include log_config mime negotiation \ 
rewrite setenvif suexec userdir php4 php5"

with the ssl-module: 

APACHE_MODULES="access actions alias auth auth_dbm autoindex cgi dir env expires include log_config mime negotiation \ 
rewrite setenvif suexec userdir php4 php5 ssl"

and the APACHE_SERVER_FLAGS: 

APACHE_SERVER_FLAGS="SSL"


Modify /etc/apache2/listener.conf: 

Listen 80
<IfDefine SSL>
  <IfDefine !NOSSL>
      <IfModule mod_ssl.c>
          Listen 443
      </IfModule>
  </IfDefine>
</IfDefine>

# Use name-based virtual hosting
NameVirtualHost *:80
NameVirtualHost *:443

Create two virtual-host configurations:
/etc/apache2/vhosts.d/station7.conf: 

<VirtualHost *:80>
  ServerAdmin hostmaster@example.com
  ServerName station7.example.com
  DocumentRoot /srv/www/htdocs/
  ErrorLog /var/log/apache2/station7_error.log
  CustomLog /var/log/apache2/station7_access.log combined
  ServerSignature On

  # This rule will redirect users from their original location, to the same location but using HTTPS.
  # i.e.  http://www.example.com/foo/ to https://www.example.com/foo/
  # enable mod_rewrite:
  RewriteEngine On

  # check if connection is not already https:
  RewriteCond %{HTTPS} !=on

  # force https:
  RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>

and /etc/apache2/vhosts.d/station7-ssl.conf: 

<IfDefine SSL>
<IfDefine !NOSSL>

<VirtualHost *:443>
      DocumentRoot /srv/www/htdocs/
      ServerName station7.example.com:443
      ServerAdmin hostmaster@example.com
      ErrorLog /var/log/apache2/station7-ssl_error.log
      TransferLog /var/log/apache2/station7-ssl_access.log
      SSLEngine on
      SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
      SSLCertificateFile /etc/ssl/certs/station7_cert.pem
      SSLCertificateKeyFile /etc/ssl/private/station7_decrypted-key.pem
      <Files ~ "\.(cgi|shtml|phtml|php3?)$">
          SSLOptions +StdEnvVars
      </Files>
      <Directory "/srv/www/cgi-bin">
          SSLOptions +StdEnvVars
      </Directory>
      SetEnvIf User-Agent ".*MSIE.*" \
               nokeepalive ssl-unclean-shutdown \
               downgrade-1.0 force-response-1.0
      CustomLog /var/log/apache2/ssl_request.log   ssl_combined
</VirtualHost>

</IfDefine>
</IfDefine>



index

Diese Website verwendet Cookies. Durch die Nutzung der Website stimmen Sie dem Speichern von Cookies auf Ihrem Computer zu. Außerdem bestätigen Sie, dass Sie unsere Datenschutzbestimmungen gelesen und verstanden haben. Wenn Sie nicht einverstanden sind, verlassen Sie die Website.Weitere Information
  • linux/commserv/apache2/config.txt
  • Zuletzt geändert: 2010-12-27 16:20
  • von 127.0.0.1