Sunday, June 7, 2020

How to Enable SSL on Apache Web Server

Generally, using two methods, we can access a web server. One is secure way and the other one is insecure way. And we know that, HTTP protocol works on insecure way, on the other hand, HTTPS protocol works on secure way. If we use HTTP protocol or insecure way, then there is a chance for data manipulation in the middle way.  Someone can intercept the HTTP information during data transmission. To get rid of from this, we are using secure way or HTTPS protocol. All the data are being encrypted during this type of transmission. That's why, this is the reliable way to get access a web site.

In this lesson we will discuss about how to enable this HTTPS protocol on our web server. So that, all data should be encrypted during transmission.

To enable SSL or HTTPS protocol in our web site, we need two files. One file is for certificate and the other one is for certificate key file. In this tutorial we assume that, our certificate file name is "knowledge-area.com.cert" and our certificate key file name is "knowledge-area.com.key". Here “knowledge-area.com” is the domain of this certificate file or key file. Please contact any SSL service provider to get those files.

Now we have to copy these files into the ssl directory. The ssl directory should be located under the Apache root directory that is "/etc/apache2". If you want, you can change this location as your requirement. If there is no ssl directory at that location, you can create one. So, in our case the full ssl path will be “/etc/apache2/ssl”.

After the file copied, we have to configure our "default-ssl.conf" file. This file is located the following directory.

/etc/apache2/sites-available/default-ssl.conf

After opening it, locate the “SSLCertificateFile” and “SSLCertificateKeyFile”option and change its value as the certificate path. As our configuration, this will be:-

SSLCertificateFile     /etc/apache2/ssl/knowledge-area.com.cert

SSLCertificateKeyFile    /etc/apache2/ssl/knowledge-area.com.key

Now we have to configure our default site configuration file named “000-default.conf”, so that all the traffic what is coming from HTTP protocol that should be redirect to HTTPS protocol. The file is available at the following path:-

/etc/apache2/sites-available/000-default.conf

After opening this file just add the below line under this “<VirtualHost   *:80 >” line. This will be looks like as follows:-

<VirtualHost   *:80 >
Redirect    /    https://11.11.11.11    {your ip address will be here}

At last we have to enable ssl mode for this web server. To enable this, execute the below command:-

a2enmod    ssl

Now restart your apache service to take effect with this change. To restart:-

systemctl   restart  apache

Now this apache web server is ready for accept secure connection or HTTPS connection.

No comments:

Post a Comment