What is SSL and How To setup SSL On Linux Httpd, Apache2

  • Last Updated On: February 2, 2016
SSL (Secure Socket Layer) is a protocol , which establishes a secure connection between a web browser and the server so that no one can steal the data sent back and forth from the web browser and web server. In layman’s terms, you can have a secure connection between the user and server by encrypting the data that is sent over the network,so that data theft can be avoided. You probably noticed  https instead of http when accessing net-banking sites and other important sites. It is because those sites use SSL protocol.

How SSL Works:

1) The user requests a website using https eg: https://www.yoursite.com , the server receives the request and sends a certificate and public key to the web browser.

2)The browser checks if the certificate is trusted by checking it with the trusted certificate authorities it already has. The browser by default has some trusted certificate authorities. You can view it in the settings of your browser.

3)If the certificate is verified by the web browser, then it sends the requests to the web server by encrypting the requests using the public key issued by the web server. The web server in turn decrypts it using the private key it holds.

Thus a secured connection is established between the web browser and web server.

Setting Up SSL (self signed) on Linux Httpd.

In this tutorial am going to explain how to set up SSL on httpd (rhel based) or apache2 (debian). It uses the self signed certificate , you can use it for testing purposes. I assume that you have httpd server ready with a website.
1)Install mod_ssl by executing the following command in your terminal.
$ yum install mod_ssl openssl

2) Create a private key
$ openssl genrsa -out ssl.key 1024

3) Generate CSR
$ openssl req -new-key ssl.key -out ssl.csr

4) Generate a self singned certificate using the key and csr for 365 days.
$ openssl x509 -req -days 365 -in ssl.csr -signkey ssl.key -out ssl.crt

5) Copy the key, crt and csr files to respective folders using the following commands.
$ cp ssl.crt /etc/pki/tls/certs

$ cp ssl.key /etc/pki/tls/private/ssl.key

$ cp ssl.csr /etc/pki/tls/private/ssl.csr

6)Open the httpd.conf file using any editor to set the virtual host settings.
$ vi /etc/httpd/conf/httpd.conf

7) Add 443 port to the virtual post and find SSLcertificateFile and SLCertificatekeyFile and add the appropriate file pathof your crt file and key file.
8) Save the file and restart the httpd server.
$ service httpd restart

9) Open port 443 and block 80 in your local web server and access the site using https. You will be able to connect to the site using https. Eg: https://localhost/index
0 Shares
Picture of Scriptcrunch Editorial

Scriptcrunch Editorial

ScriptCrunch is your go-to website for all things DevOps. We specialize in helping engineers master Kubernetes and other essential DevOps tools. Our main goal is to provide easy-to-follow tutorials and valuable resources, with a special focus on the Cloud Native Computing Foundation (CNCF). Additionally, we offer insights into Linux Foundation Training and its various initiatives.

Other Interesting Blogs

Leave a Comment

scriptcrunch

Top Resources

Scripting

  • Python

Information

Email Newsletter

Share via
Facebook
Twitter
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap