Setting up ssl (https) in centos

1. sudo yum install mod_ssl openssl

2. Generate self signed certificate

      (i) create a directory (say ssl) in home directory mkdir ssl and go to this dir by cd ssl

      (ii) generate a host key

             sudo ssh-keygen -f vishalpundir.key

      (iii) generate certificate request file

             sudo openssl req -new -key vishalpundir.key -out vishalpundir_request.csr

      (iv) create ssl certificate

             sudo openssl x509 -req -days 365 -in vishalpundir_request.csr -signkey vishalpundir.key -out vishalpundir.crt

      (v) create no pass key so that no need to enter password on restart apache

              sudo openssl rsa -in vishalpundir.key -out vishalpundir.nopass.key

 

3. Configure httpd config file of apache:: sudo vi /etc/httpd/conf/httpd.conf and add following lines

         (i)  LoadModule ssl_module modules/mod_ssl.so

         (ii)   NameVirtualHost *:443

       <VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /home/[username]/ssl/vishalpundir.crt
        SSLCertificateKeyFile /home/[username]/ssl/vishalpundir.nopass.key 
        <Directory /var/www/html/site/public>
        AllowOverride All
        </Directory>
        DocumentRoot /var/www/html/site/public
        ServerName vishalpundir.in
      </VirtualHost>

4. Restart apache

        sudo service httpd restart

Comments