Installating SSL certificates

[phpguy]

Hello all,

I am installing some SSL certificates on my web server, however I have a couple questions, as I'm not familiar with this process

1) I'm not sure which directory to put them in? What is good practice? Is /var/www/secure a good location so long as I restrict access to the secure directory?

2) I am told to edit the following in my ssl.conf file of apache2

SSLCertificateFile
SSLCertificateKeyFile
SSLCertificateChainFile

However, I cannot find this file, ssl.conf. Nor can I find the above directives in my main apache2.conf file. Where is the ssl.conf file? Or alternatively, could I just add the above directives to my apache2.conf file?

Thanks!

[phpguy]

OK, I found the ssl.conf file, it was located under/etc/apache2/mods-enabled/ssl.conf

I added the 3 lines to the file:

Code:

SSLCertificateFile /path/to/file
SSLCertificateKeyFile /path/to/file
SSLCertificateChainFile /path/to/file

Then restarted apache, but it still doesn't work. I can access http://host/ but I cannot access https://host/...

So then I went into the main configuration file and changed:

Code:

<VirtualHost *:80>

To

Code:

<VirtualHost *:443>

Then added these lines:

Code:

SSLCertificateFile /path/to/file
SSLCertificateKeyFile /path/to/file
SSLCertificateChainFile /path/to/file

But it's still not working... Same thing, when I try http://host/ it works, but when I try https://host/ it does not!

I would've thought changing the port in the VirtualHost line from 80 to 443 would disallow access on 80.... So why does 80 (http) work and 443 (https) not work?

Any more ideas on what I can try? Is it perhaps because my certificate files are in the /var/www/ directory itself? Do I need to put these *crt files outside of the webroot directory?

[phpguy]

Actually.... I feel like an idiot now.

I didn't open the port 443 in my router. Once I opened this, then everything worked fine!!