martedì 30 novembre 2010

Debian - Abilitare SSL in Apache

Non sto` inventando niente, e` solo un promemoria, perche` non ricordo MAI dove andare a leggere :P

Un'estratto dal file "/usr/share/doc/apache2.2-common/README.Debian.gz":

Enabling SSL

To enable SSL, type (as user root):

  a2ensite default-ssl
  a2enmod ssl

If you want to use self-signed certificates, you should install the ssl-cert
package (see below). Otherwise, just adjust the SSLCertificateFile and
SSLCertificateKeyFile directives in /etc/apache2/sites-available/default-ssl to
point to your SSL certificate. Then restart apache:

  /etc/init.d/apache2 restart

Creating self-signed certificates

If you install the ssl-cert package, a self-signed certificate will be
automatically created using the hostname currently configured on your computer.
You can recreate that certificate (e.g. after you have changed /etc/hosts or
DNS to give the correct hostname) as user root with:

  make-ssl-cert generate-default-snakeoil --force-overwrite

To create more certificates with different host names, you can use

  make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /path/to/cert-file.crt

This will ask you for the hostname and place both SSL key and certificate in
the file /path/to/cert-file.crt . Use this file with the SSLCertificateFile
directive in the apache config (you don't need the SSLCertificateKeyFile in
this case).

E questi sono i comandi digitati in console, completi delle informazioni restituite:
PC:~# a2ensite default-ssl
Enabling site default-ssl.
Run '/etc/init.d/apache2 reload' to activate new configuration!
PC:~# a2enmod ssl
Enabling module ssl.
See /usr/share/doc/apache2.2-common/README.Debian.gz on how to configure SSL and create self-signed certificates.
Run '/etc/init.d/apache2 restart' to activate new configuration!
PC:~# make-ssl-cert generate-default-snakeoil --force-overwrite
PC:~# /etc/init.d/apache2 restart
Restarting web server: apache2 ... waiting .

Nessun commento:

Posta un commento