- Check that you have completed the basic ssl module set up
sudo a2enmod ssl
And check that the server is listening on 443. either netstat antp for it or grep for the Listen line in the apache2 config files.
Listen 443
Choose a new ip address for the ssl version of the server. Lets say we pick the IP: 192.168.1.200. Once you have gotten the crt back from the provider move it into place and remember to chown and chmod it for root onlyLets assume we placed it at; /etc/apache2/ss/www.mysite.com.crt
- Now to multi-home the server (ie give it the new ip address to play with). You do this by editing and appending the following to /etc/network/interfaces
#this is mysite's ip for its ssl auto eth0:1 iface eth0:1 inet static address 192.168.1.200 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255
Remember to update your DNS server if needed
- Then add a new virtual host for the SSL version of the site.
<VirtualHost 192.168.1.200:443> ... COPY OF NON-SSL VERSIONS SETTINGS ... SSLEngine On SSLCertificateKeyFile /etc/apache2/ssl/www.mysite.com.key SSLCertificateFile /etc/apache2/ssl/www.mysite.com.crt </VirtualHost>
https://help.ubuntu.com/8.04/serverguide/C/httpd.html https://help.ubuntu.com/8.04/serverguide/C/certificates-and-security.html
No comments:
Post a Comment