duguo.org »  last updated 12:55, 30 June 2007 by Du, Guo

Apache SSL

From duguo.org

Jump to: navigation, search

Contents

Key generation

openssl genrsa -des3 -out home.key 1024

openssl rsa -in home.key -out home.pem

openssl req -new -key home.key -out home.csr

openssl x509 -req -days 3650 -in home.csr -signkey home.key -out home.crt

Common Name must be domain name for certification

Apache configuration

<VirtualHost 208.70.148.121:443>
        ServerName home.duguo.com
        DocumentRoot /bla/bla
        SSLEngine on
        SSLCertificateFile    /secure/folder/home.crt
        SSLCertificateKeyFile /secure/folder/home.pem
</VirtualHost>

Add user login

Add user to passwd file. Add -c if file not exist 

htpasswd home.htpasswd duguo

<VirtualHost 208.70.148.121:443>
        ServerName home.duguo.com
        DocumentRoot /bla/bla
        <Location / >
	        AuthName "home.duguo.com"
	        AuthType Basic
	        AuthUserFile /secure/folder/home.htpasswd
	        Require valid-user
        </Location>
</VirtualHost>


Reference

http://slacksite.com/apache/certificate.html

http://ertw.com/blog/2006/03/

http://apache-server.com/tutorials/LPauth1.html

Retrieved from "http://duguo.org/en/Apache_SSL"