Test the Secure Web Server Configuration (HTTPS) Part 2

in #linux7 years ago


Source Image

8.Installation

To install a secure web server is no different than installing a web server (not a secure web server). Here's how to install.

# apt-get install apache2 php5 mysql-server phpmyadmin lynx

Next need to also install ssl and ssl cert

# apt-get installssl ssl-cert

9.Configuration

For secure web server configuration the first step is to enable ssl mode on the server.

Furthermore apache service that has been installed before need to be restarted

# / etc / init.d / apache2 restart

Then create a directory to store the server key and certificate

#mkdir /etc/init.d/apache2/ssl

The next step is to create an SSL certificate
# openssl req -x509 -nodes -days 730 -newkey rsa: 2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

The result of making ssl certificate is as follows:

1.jpg

The next step is because we enable 2 methods, HTTP and HTTPS. So HTTP protocols that have been made are ignored first, because this is for sure will work as it should. The apache component shows where the location of our website is stored in the default file. This is in /etc/apache2/sitesavailable/default.It is one of the apache components that shows the location website storage. By default this file refers to / var / www /. In the / etc / apache2 / sites-available / there are 2 pieces of files, one is the default file, and the second is the default-ssl. For HTTPS focus on default file-ssl. Open the file default-ssl in the apache2 folder.

#pico /etc/apache2/sites-available/default-ssl.conf

Then there are some configurations that need to be customized on the file like
following

2.jpg

Next find this line and put a comment (#):

3.jpg

Then activate the default-ssl website that has been created in the following way.

#a2ensite default-ssl

After all the above configuration has been done. The last step is to restart
return apache2 service.

#/etc/init.d/apache2 restart

Next Step Part 3

Last Part :

Part 1