Sunday, August 11, 2013

How to Enable SSL in Apache2 on Ubuntu

In this tutorial, I’ll explain you that how to enable the SSL for your website under Apache2 on Ubuntu Server. For this, I’m assuming:

1. That you have a working apache2 setup on your Ubuntu Server.

2. You have correctly configured the dns records for your domain.

3. You already got a certificate from a trusted certificate authority (CA) such as Godaddy,Verisign, Comodo, etc.

Let’s verify our web server that it is up and running, before beginning this tutorial:
http://rbgeek.com

1

Create a directory inside the /etc/apache2/ directory,where we’ll save the private key, public key certificate and bundle certificate:
cd /etc/apache2/ 
sudo mkdir ssl

2

Transfer the private key, public key certificate and bundle certificate inside the /etc/apache2/ssl/ directory and verify it:
cd ssl
ls

3

We want to configure the apache in such a way that it’ll run on HTTPs and for this we need to enable ssl Apache2 module with a2enmod:
sudo a2enmod ssl

4

It will suggest you to restart apache,ignore that message for now.

Edit the ports.conf file:
sudo nano /etc/apache2/ports.conf

5

Ensure that port 443 is defined as follows and add the NameVirtualHost for port 443,comment other lines:
NameVirtualHost *:443
Listen 443

6

Open up the SSL config file:
sudo nano /etc/apache2/sites-available/default-ssl

7

Fill in the correct ServerAdmin email address,add the ServerName line and adjust the path in the DocumentRootline. Also make sure that we have a valid path for the SSL:
8

Now we need to configure the SSL site:
sudo a2ensite default-ssl

9

Restart the Apache service:
sudo /etc/init.d/apache2 restart

13

Now we should be able to connect to the server through SSL using Chrome or any other browser:

14

Verify the Certificate, that it’s the same that we got from a trusted certificate authority (CA) and configured:

15

Our Web Server is also working with http (port 80).But, we don’t want that users access it through http, we only want to access it through https. To fix this, we need to edit the /etc/apache2/sites-available/default file:
sudo nano /etc/apache2/sites-available/default

16

Delete everything and add a redirection:
RedirectPermanent / https://rbgeek.com/

17

Restart the apache2 service:
sudo /etc/init.d/apache2 restart

18

Now if we go to http://rbgeek.com/, it will redirect us to https://rbgeek.com/
Posted by at
Labels: , , , , , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)