Apache with SSL and http redirection to https on Ubuntu


The TLS (transport layer security) and its predecessor SSL( secure sockets layer)  are the secure protocols created in order to place normal traffic in a protected, encrypted wrapper.
These protocols allow traffic to be sent safely between remote parties with secure data transfer  where  data is being intercepted and read by someone else in the middle.
In this guide, will learn how to create a self-signed SSL certificate for Apache on an Ubuntu 14.04 server.  Which will allow you to encrypt traffic from your server to client. While this does not provide the benefit of third party validation of your server's identity, it only full fills the requirements of those simply wanting to transfer information securely to the client.


Pre-requisites

Update the linux using this command

# sudo apt-get update

Install the apache if not installed

# sudo apt-get install apache2

Activate the SSL Module
Enable the module by typing

# sudo a2enmod ssl

After you have enabled SSL, you'll have to restart the web server for the change to be recognized:

#sudo service apache2 restart

Create a Self-Signed SSL Certificate

# sudo mkdir /etc/apache2/ssl

# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/test.key -out /etc/apache2/ssl/test.crt

Generating a 2048 bit RSA private key
................+++
.............+++
writing new private key to '/etc/apache2/ssl/test.key'
/etc/apache2/ssl/test.key: No such file or directory
140611063744160:error:02001002:system library:fopen:No such file or directory:bs                                                                                       s_file.c:398:fopen('/etc/apache2/ssl/test.key','w')
140611063744160:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
root@osticket:~# mkdir /etc/apache2/ssl
root@osticket:~# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/test.key -out /etc/apache2/ssl/test.crt
Generating a 2048 bit RSA private key
.+++
..................+++
writing new private key to '/etc/apache2/ssl/test.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:Telengana
Locality Name (eg, city) []:Hyderabad
Organization Name (eg, company) [Internet Widgits Pty Ltd]:test
Organizational Unit Name (eg, section) []:helpdesk
Common Name (e.g. server FQDN or YOUR name) []:helpdesk.test.com
Email Address []:test@xyz.com


Configure Apache to Use SSL

# vi /etc/apache2/sites-enabled/default-ssl.conf


<VirtualHost 192.168.0.1:443>
     DocumentRoot /var/www/
     SSLEngine on
     SSLCertificateFile /etc/apache2/ssl/apache.crt
     SSLCertificateKeyFile /etc/apache2/ssl/apache.key
</VirtualHost>

Activate the SSL Virtual Host

# sudo a2ensite default-ssl.conf

# service apache2 restart

This should enable your new virtual host, which will serve encrypted content using the SSL certificate you created.

No w can open any browser of our choice and check https://your-ip-address

To Redirect http to https 80 - 443

Comment to  <virtual host *:80>  section and add

# vi /etc/apache2/apache2.conf

<VirtualHost *:80>
         ServerName 192.168.87.138
         Redirect /scp https://192.168.87.138/scp
         DocumentRoot /var/www/html/osticket/upload
</VirtualHost>

#<VirtualHost *:80>
#    ServerName 192.168.87.138
#    DocumentRoot /var/www/html/osticket/upload
#</VirtualHost>

No w can open any browser of our choice and check http://your-ip-address it will automatically redirect the browser to https://your-ip-address

Keywords, Ubuntu OpenSSL, SSL, Apache, 443, Redirection on https.

Location: Hyderabad, Telangana, India

Comments

Post a Comment

Popular posts from this blog

Observium: Configuring Microsoft Windows 2008 Server SNMP Agent

Image
1 . Open Control Pannel. 2. Right click on “ Programs & Features ” and click on “ Turn Windows Features on or off" 3 . Expand “ SNMP Services ” and select “ SNMP Service ” click Next 4. Click Install 5. Close  Programs & Features ” 6. Open Ädministraive Tools and clicket Services 7. Expand Configuration and select Services,  Select SNMP Service , right click and select properties 8 . Select the “ Agent ” tab 9. Type the contact name responsible for this server or email address 10 . Type the location eg, Hyderabad,India. 11 . Tick the following  Physical Datalink and subnetwork  SNMP Trap Service - Agent 12 . Select the “ Traps ” tab 13 . Type in the community string you are using in your environment and select “ Add to list ” 14 . Click “ Add ” 15 . Type the IP of the Observium ServerSNMP Trap Service - Traps 16 . Select “ Security ” tab 17 . Ensure “ Send authentication trap ” is
Read more

AWS: Upgrade PV Drivers on Windows Instances

Image
Amazon Windows AMIs contain a set of drivers to permit access to Xen virtualized hardware. These drivers are used by Amazon EC2 to map instance store and Amazon EBS volumes to their devices. If your Windows instance is launched from a Windows Server 2012 R2 AMI, it uses AWS PV drivers. If your Windows instance uses RedHat drivers, you can upgrade to Citrix drivers. If you are already using Citrix drivers, you can upgrade the Citrix Xen guest agent service. To verify which driver your Windows instance uses , open  Network Connections  in Control Panel and view the  Local Area Connection . Check whether the driver is one of the following: AWS PV Network Device Citrix PV Ethernet Adapter RedHat PV NIC Driver Alternatively, you can check the output from the  pnputil -e  command. AWS PV Drivers Windows Server 2012 R2 AMIs include AWS PV drivers. The AWS PV drivers are stored in the %ProgramFiles%\Amazon\Xentools directory. This directory also contains public symbo
Read more

How to configure Incremental backups for MSSQL Database

Image
Incremental Database Backup : Create a folder for the backup in the Hardisk (Ex: C:\SQL_backup\Incrementail) 1. Open SQL Server Management Studio and connect using windows credentials. 2. Click Management   and select Maintenance Plans . 3. Right-Click on Maintenance Plans and select New Maintenance Plans, Give naming Convention as Incremental_DB_Backup . 4. In Left side of Server Management Studio there will be a Tool Box within Maintenance Plan Tasks   5. Drag and drop the Back Up Database Task and Maintenance Clean Task in the Incremental_DB_Backup   Design area.   6. Right Click on the Back Up Database Task and select Edit .   7. Select the Type of Backup you want to do as Differential 8. Select the Database In Database(s)   in these database list (Ex: TestDB.)   9. Select Create a Backup file for every database , select Create a sub-directory for each database 10. Give the path where we want to store the database backup as C:\SQL_backup\I
Read more