121 lines
3.6 KiB
Markdown
121 lines
3.6 KiB
Markdown
---
|
|
source: https://stackoverflow.com/a/25946171
|
|
tags: ["apache2", "ubuntu"]
|
|
---
|
|
|
|
## Самоподписанный сертификат для локальной разработки
|
|
|
|
Enable the apache module by typing:
|
|
|
|
```shell
|
|
sudo a2enmod ssl
|
|
```
|
|
|
|
After you have enabled SSL, you'll have to restart the web server for the change to be recognized:
|
|
|
|
```shell
|
|
sudo service apache2 restart
|
|
```
|
|
|
|
Let's start off by creating a subdirectory within Apache's configuration hierarchy to place the certificate files that we will be making:
|
|
|
|
```shell
|
|
sudo mkdir /etc/apache2/ssl
|
|
```
|
|
|
|
Now that we have a location to place our key and certificate, we can create them both in one step by typing:
|
|
|
|
```shell
|
|
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
|
|
```
|
|
|
|
The questions portion looks something like this:
|
|
|
|
```shell
|
|
Country Name (2 letter code) [AU]:US
|
|
State or Province Name (full name) [Some-State]:New York
|
|
Locality Name (eg, city) []:New York City
|
|
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Your Company
|
|
Organizational Unit Name (eg, section) []:Department of Kittens
|
|
Common Name (e.g. server FQDN or YOUR name) []:your_domain.com
|
|
Email Address []:your_email@domain.com
|
|
```
|
|
|
|
Open the file with root privileges now:
|
|
|
|
```shell
|
|
sudo nano /etc/apache2/sites-available/default-ssl.conf
|
|
```
|
|
|
|
With the comments removed, the file looks something like this:
|
|
|
|
```XML
|
|
<IfModule mod_ssl.c>
|
|
<VirtualHost _default_:443>
|
|
ServerAdmin webmaster@localhost
|
|
DocumentRoot /var/www/html
|
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
|
|
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
|
|
<FilesMatch "\\.(cgi|shtml|phtml|php)$">
|
|
SSLOptions +StdEnvVars
|
|
</FilesMatch>
|
|
<Directory /usr/lib/cgi-bin>
|
|
SSLOptions +StdEnvVars
|
|
</Directory>
|
|
BrowserMatch "MSIE [2-6]" \\
|
|
nokeepalive ssl-unclean-shutdown \\
|
|
downgrade-1.0 force-response-1.0
|
|
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
|
|
</VirtualHost>
|
|
</IfModule>
|
|
```
|
|
|
|
In the end, it will look something like this. The entries were modified from the original file:
|
|
|
|
```XML
|
|
<IfModule mod_ssl.c>
|
|
<VirtualHost _default_:443>
|
|
ServerAdmin admin@example.com
|
|
ServerName your_domain.com
|
|
ServerAlias www.your_domain.com
|
|
DocumentRoot /var/www/html
|
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/apache2/ssl/apache.crt
|
|
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
|
|
<FilesMatch "\\.(cgi|shtml|phtml|php)$">
|
|
SSLOptions +StdEnvVars
|
|
</FilesMatch>
|
|
<Directory /var/www/html>
|
|
SSLOptions +StdEnvVars
|
|
DirectoryIndex index.php
|
|
AllowOverride All
|
|
Order allow,deny
|
|
Allow from all
|
|
</Directory>
|
|
BrowserMatch "MSIE [2-6]" \\
|
|
nokeepalive ssl-unclean-shutdown \\
|
|
downgrade-1.0 force-response-1.0
|
|
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
|
|
</VirtualHost>
|
|
</IfModule>
|
|
```
|
|
|
|
Save and exit the file when you are finished. Now that we have configured our SSL-enabled virtual host, we need to enable it.
|
|
|
|
```shell
|
|
sudo a2ensite default-ssl.conf
|
|
```
|
|
|
|
We then need to restart Apache to load our new virtual host file:
|
|
|
|
```shell
|
|
sudo service apache2 restart
|
|
```
|
|
|
|
That's it now run your site with https..!!
|