How to enable SSL on Apache 2 for SLES 10
This document (3771891) is provided subject to the disclaimer at the end of this document.
Environment
Suse Linux Enterprise Server 10
Apache 2.2
Apache 2.2
Situation
Goal
Enable SSL on Apache 2.2 for SUSE Linux Enterprise Server 10 for the default host.
Enable SSL on Apache 2.2 for SUSE Linux Enterprise Server 10 for the default host.
Resolution
1. If Apache has not been enabled and configured yet go to YaST
-> Network Services -> HTTP server. Run through the basic
configuration and accept all the default settings.
2. Go back to HTTP server and go to the Server Modules tab. Chose the SSL module and click on Toggle Status to change it to Enabled.
3. Go to /etc/apache2/vhosts.d and copy vhost-ssl.template into a new file vhost-ssl.conf. This file has all the settings for the default host to run on SSL port.
4. Open the file vhost-ssl.conf for editing and find the line that start with the directive
SSLCertificateFile. Point this directive to/etc/ssl/servercerts/servercert.pem, e.g.
Do the same for the directive SSLCertificateKeyFile and point it to /etc/ssl/servercerts/serverkey.pem:
Both files were created during the install of the server, when the CA was created for the server.
5. Enable SSL port (port 443) on the firewall. By default this port is close for the external traffic. Go to YaST -> Security and Users -> Firewall. Click on Allowed Services and chose HTTPS Server from the drop down menu and click Add. HTTPS Server will be added to the list of allowed services for the firewall. Click Next and Accept.
6. After restarting apache (rcapache2 restart), the Apache 2 default host will be available on the standard SSL port (443).
2. Go back to HTTP server and go to the Server Modules tab. Chose the SSL module and click on Toggle Status to change it to Enabled.
3. Go to /etc/apache2/vhosts.d and copy vhost-ssl.template into a new file vhost-ssl.conf. This file has all the settings for the default host to run on SSL port.
4. Open the file vhost-ssl.conf for editing and find the line that start with the directive
SSLCertificateFile. Point this directive to/etc/ssl/servercerts/servercert.pem, e.g.
SSLCertificateFile /etc/ssl/servercerts/servercert.pem
Do the same for the directive SSLCertificateKeyFile and point it to /etc/ssl/servercerts/serverkey.pem:
SSLCertificateKeyFile /etc/ssl/servercerts/serverkey.pem
Both files were created during the install of the server, when the CA was created for the server.
5. Enable SSL port (port 443) on the firewall. By default this port is close for the external traffic. Go to YaST -> Security and Users -> Firewall. Click on Allowed Services and chose HTTPS Server from the drop down menu and click Add. HTTPS Server will be added to the list of allowed services for the firewall. Click Next and Accept.
6. After restarting apache (rcapache2 restart), the Apache 2 default host will be available on the standard SSL port (443).
Additional Information
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:3771891
- Creation Date: 02-Apr-2008
- Modified Date:03-Mar-2020
-
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
