Find the answer to your Linux question:
Results 1 to 8 of 8
I have recently setup a HTTP server using Apache. This was my first install of Apache, so I am very new to it. What I would now like to do ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    SSL
    SSL is offline
    Banned
    Join Date
    Jul 2011
    Posts
    2

    Setting up HTTPS in Apache with Linux


    I have recently setup a HTTP server using Apache.

    This was my first install of Apache, so I am very new to it.

    What I would now like to do is setup HTTPS for my server.
    Unfortunately, the official Apache 2.2 manual doesn't cover setting up HTTPS, and using Google search engine I have found tutorials using modified versions of Apache, which are no use for me as I chosen to use the official release.

    I am hoping someone can tutor me on how to achieve serving HTTPS with Apache 2.2.19.

    I ask the tutor gives instructions that are only relevant to setting up HTTPS.
    I have found allot of tutorials give examples, then go on to say 'well this can also be done by doing da da da.. but this can be covered in another tutorial.'. That just confuses the hell out of me.
    After achieving HTTPS, I will be all ears for recommendations and other topics related (or not related) to HTTPS.

    If the tutor will be showing reference code, I ask that the reference code be from a default file apart of official Apache 2.2.xx release only. This will eliminate inconsistency.

    Some information that might be of help to the tutor:
    I am using the Ubuntu 10.04.1 LTS distribution of GNU/Linux and Apache 2.2.19. I serve two virtual hosts.
    I have been using GNU/Linux for a year, understand the fundamentals of IP and have ran a HTTP server under Windows for years.

  2. #2
    Linux Newbie hans51's Avatar
    Join Date
    May 2011
    Posts
    136
    There are multiple steps involved - from certificate creation or purchase to server configuration.
    some of these steps may vary a little depending on your Linux distribution

    1. you need to have your server certificate, either from an authority or a self signed one
    it appears as a total newbie you ask for far more than you can personally digest based on the lack of basic knowledge and experience of using existing howtos
    if
    Apache2 SSL in Ubuntu - LinodeWiki
    https://help.ubuntu.com/8.04/serverg...-configuration
    and
    Apache HTTP Server Version 2.2 Documentation - Apache HTTP Server
    SSL/TLS Strong Encryption: How-To - Apache HTTP Server
    Security Tips - Apache HTTP Server

    is of no help to you,
    then I recommend any of all of below:

    1. first install and practice on localhost at home, use self signed certificate to practice on a virtual domain setup at home
    2. hire a professional to do ALL server admin if you can afford quality professionals
    3. use managed server instead of dedicated root server

    without basic knowledge, you are a danger to yourself and all www as per NOW, hours after you have a server online, you have for sure already multiple hackers attempting or successfully intruding your server space to plant/install whatever they need to exploit free hacker hosting.

    my firm rule for all life including www virtual world:
    first learn then do

    first learn at home on localhost on identical install
    then move on to www space

    first run and SECURE a simple install
    then move on to more complex install

    an ssl server in no way means more secure as a server
    it only may mean more secure CLIENT-server communication on an otherwise fully secured server

    If you have any important website - any website NEEDING SSL could by default be considered important - then once running and you encounter any problem, you need to be able to solve all such problems within minutes all by yourself using Google for instant solutions already out there. Now is the best time to learn how to interpret and use available online tutorials and online howto documentation

    later definitely may be much too late to start learning the basics!

  3. #3
    SLL
    SLL is offline
    Banned
    Join Date
    Jul 2011
    Posts
    3
    Quote Originally Posted by hans51 View Post
    1. you need to have your server certificate, either from an authority or a self signed one
    For now, I will be using a self-signed certificate. How do I create one?

    Quote Originally Posted by hans51 View Post
    it appears as a total newbie you ask for far more than you can personally digest based on the lack of basic knowledge and experience of using existing howtos
    It appears you did not read my original post correctly; I have read many howto's, but the problem is they are usually distro specific or lack easy to understand instructions.

    Quote Originally Posted by hans51 View Post
    SSL/TLS Strong Encryption: How-To - Apache HTTP Server
    I compiled, installed and setup Apache (with password protection directories) using the official documentation, but for this reason this document was written really crap. For example:
    The following creates an SSL server which speaks only the SSLv2 protocol and its ciphers.
    ... and then it says to input the following in httpd.conf... but it fails to say where.

    Quote Originally Posted by hans51 View Post
    1. first install and practice on localhost at home, use self signed certificate to practice on a virtual domain setup at home
    Yeah, this is what I am doing. Its running, and I can set passwords for directories, and now I need to know how to set encryption.

    Quote Originally Posted by hans51 View Post
    without basic knowledge, you are a danger to yourself and all www as per NOW, hours after you have a server online, you have for sure already multiple hackers attempting or successfully intruding your server space to plant/install whatever they need to exploit free hacker hosting.
    Yeah, Like I said earlier - I have been hosting a website under Windows for years. I am well aware of the nature of the Word Wide Web.

    Quote Originally Posted by hans51 View Post
    my firm rule for all life including Word Wide Web virtual world: first learn then do
    Absolutely. This is why I didn't just input that code anywhere into httpd.conf. I want confirmation where to input it before doing it.


    Quote Originally Posted by hans51 View Post
    first run and SECURE a simple install then move on to more complex install
    I plan on hosting a political website and eCommerce website with Apache in just a few months time, and they will eventually become Tier 1's in my country.

    Quote Originally Posted by hans51 View Post
    an ssl server in no way means more secure as a server it only may mean more secure CLIENT-server communication on an otherwise fully secured server
    I've never looked at it like that. Good point!

    Quote Originally Posted by hans51 View Post
    If you have any important website - any website NEEDING SSL could by default be considered important - then once running and you encounter any problem, you need to be able to solve all such problems within minutes all by yourself using Google for instant solutions already out there. Now is the best time to learn how to interpret and use available online tutorials and online howto documentation
    Yes. I wouldn't host these websites first without everything in place. I'm paranoid - standard.

    Sorry if this post does not make sense. This website is hopeless and false positives spammers. I've had to modify it from what it originally was for the server to accept it. Its taken me 25 minutes just to post my reply.

  4. #4
    Linux Newbie hans51's Avatar
    Join Date
    May 2011
    Posts
    136
    a Google search for
    howto create server key
    gives you multiple howtos_
    HOWTO
    How to create a self-signed Certificate
    Howto use SSH-server key - how to create SSH-server key and a few related tips using SSH server key login to ease and secure your remote server work - dedicated root server remote management

    do NOT password protect your server certificate unless you know what you do !!

    may be one of the most essential skills to learn is to use Google efficiently
    for such basic problems there are already thousands or millions of published and ready to use howtos out on the web

    hence one of the most basic skills you need is to work with available online howto and tutorials and adapt them to your individual needs
    when ever you search Google always ADD your Linux dist name to the search keywords to get dist specific answers

    you also need to know exactly WHY you take anything else but a precompiled apache ready for your distribution (you wrote "compiled, installed and setup Apache" = means NO default package as available from your dist)

    in 13+ yrs of Linux servers I never had a need for anything else but default servers as offered by my dist (opensuse) as a ready to install/ready to auto-update package
    apache as all other SW need constant updates/upgrades - for all prepared dist packages that is easy to do
    for all self compiled you do every few days or weeks a new apache on your own ...
    are you sure you KNOW why you do what you do ??

  5. #5
    SLL
    SLL is offline
    Banned
    Join Date
    Jul 2011
    Posts
    3
    Like I said, I found countless of howto's on Google, but they are all written crap, and almost all are distro specific, which are useless to me.

    Your 110% right about having to manually update software built from source. This is why I am going to build my own software-update system.
    After my dedicated server is setup, my next project is to build my own Linux from scratch. 100% mainline software only.

    Yes, I know why I choose source over distro-specific versions.
    Please see attached file - my rant from another thread.
    Unsaved Document 1.txt

  6. #6
    Linux Newbie hans51's Avatar
    Join Date
    May 2011
    Posts
    136
    If you plan to create your own Linux "distro" - then today is the best day to start and prove that you are ready for such project. You may do as you like, but if you want to do something all on your own, you may never expect to do so at the expense of others having to do your thinking and howtos your specific way. I have neither resources nor time helping anyone to create another Linux distro - I am absolutely happy with what I chose 13+ yrs ago when I moved from win96 to suse.
    Good luck

  7. #7
    SLL
    SLL is offline
    Banned
    Join Date
    Jul 2011
    Posts
    3
    So, are you able to help me with Apache 2.2 or not?

  8. #8
    Linux Newbie hans51's Avatar
    Join Date
    May 2011
    Posts
    136
    Since you want to have your own private dist - then yesterday was the day to learn such simple basics like setting up apache and serverkey on your own.
    when some 15+ yrs ago suse and redhat and a few others started their own dist, they invested millions of man hours + millions of $ and lots of expertise by hundreds of highly qualified coders do achieve what we enjoy today. I have much more important things to do than to help you create your own first step of your own private dist.. and i consider such additional help as a most severe waste of my own resources.
    able is one thing - i have my own 3 servers with all a high traffic site needs, besides my own servers I have a full time job.

    helping in real emergencies yes where possible to find solutions for existing distributions
    but building soap bubbles with newbies NO.
    IMO you lack even most basic skills and willingness to work with globally existing howtos and tutorials and there are professional instructors and professional coders to give professional linux seminars for solid $
    I never work for $ and only for truly useful projects on a merit basis.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •