[LINUX] How to enable SSL (TLS) in Apache

Introduction

This article summarizes how to enable SSL (TLS) in Apache 2.4 using a self-signed certificate (a so-called "oreore" certificate). Of course, this method cannot be used in a production environment, but I think it is useful when studying on a home server or in a development environment.

Environment used for testing

The hardware is not directly related to this procedure, but I have included it just in case.

Prerequisite settings

  1. Apache is installed.
  2. Apache is ready to start.
  3. SELinux is stopped and disabled.

Steps to enable SSL (TLS)

1. Installation of software required for HTTPS communication

[root@akagi ~]# yum install openssl
[root@akagi ~]# yum install mod_ssl

2. Move to working folder

[root@akagi ~]# cd /etc/pki/tls/certs/

3. Creating a private key

[root@akagi certs]# openssl genrsa > server.key
Generating RSA private key, 2048 bit long modulus
................................................+++
....+++
e is 65537 (0x10001)

4. Creating a public key (certificate signing request, server.csr)

[root@akagi certs]# openssl req -new -key server.key > server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:JP
State or Province Name (full name) []:Tokyo
Locality Name (eg, city) [Default City]:Chiyoda
Organization Name (eg, company) [Default Company Ltd]:XYZ Company
Organizational Unit Name (eg, section) []:Development Dept.
Common Name (eg, your name or your server's hostname) []:192.168.10.240
Email Address []:[email protected]
 
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

5. Creating a server certificate (self-signed certificate)

[root@akagi certs]# openssl x509 -req -signkey server.key < server.csr > server.crt
Signature ok
subject=/C=JP/ST=Tokyo/L=Chiyoda/O=XYZ Company/OU=Development Dept./CN=192.168.10.240/[email protected]
Getting Private key

6. Copying the private key

[root@akagi certs]# cp -a server.key ../private/

7. Modify ssl.conf

★ Change server name
ServerName www.example.com:443
↓
ServerName 192.168.10.240:443
 
★ Support TLS 1.2 or higher
SSLProtocol all -SSLv2 -SSLv3
↓
SSLProtocol +TLSv1.2
 
★ Certificate path
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
↓
SSLCertificateFile /etc/pki/tls/certs/server.crt
 
★ Private key path
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
↓
SSLCertificateKeyFile /etc/pki/tls/certs/server.key

8. Restart Apache

[root@akagi certs]# systemctl restart httpd
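
Steps 3 to 5 without the interactive prompts, followed by the checks worth running before the restart in step 8. This is an added example, not the article's own commands: the function names are hypothetical, the subject fields and IP address are the ones from the transcript above, and it assumes `openssl` is on the PATH.

```shell
#!/bin/sh
# Added example: steps 3-5 without prompts, then checks to run before step 8.
# Function names are hypothetical; subject fields and IP are the transcript's values.

# make_selfsigned DIR IP: write server.key, server.csr and server.crt into DIR.
make_selfsigned() (
    umask 077                                  # key is created 0600, not 0644
    cd "$1" || exit 1
    openssl genrsa -out server.key 2048 2>/dev/null || exit 1
    openssl req -new -key server.key -out server.csr \
        -subj "/C=JP/ST=Tokyo/L=Chiyoda/O=XYZ Company/CN=$2" || exit 1
    # Current clients match the address against subjectAltName, not CN.
    printf 'subjectAltName = IP:%s\n' "$2" > san.ext
    openssl x509 -req -signkey server.key -in server.csr -out server.crt \
        -days 365 -sha256 -extfile san.ext 2>/dev/null || exit 1
    chmod 644 server.csr server.crt            # only the key stays private
)

# key_matches_cert KEY CRT: true only if CRT contains KEY's public key.
key_matches_cert() (
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || exit 2
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || exit 2
    [ -n "$k" ] && [ "$k" = "$c" ]
)

# key_is_private KEY: true only if group and others have no access to KEY.
key_is_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# cert_has_ip CRT IP: true only if IP is listed in the subjectAltName extension.
cert_has_ip() {
    openssl x509 -in "$1" -noout -text | grep -q "IP Address:$2"
}

# Demo in a scratch directory (constructed; nothing under /etc is touched).
demo() (
    d=$(mktemp -d) || exit 1
    make_selfsigned "$d" 192.168.10.240 &&
        key_matches_cert "$d/server.key" "$d/server.crt" &&
        key_is_private "$d/server.key" &&
        cert_has_ip "$d/server.crt" 192.168.10.240
    rc=$?
    rm -rf "$d"
    exit "$rc"
)
demo && echo "server.key and server.crt are consistent"
```

Running `key_is_private` against a key written with `openssl genrsa > server.key` under root's usual umask of 022 fails, because the redirect leaves the file readable by every local user.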

State after work

[Screenshot: image.png]
