<ol><li>Make an insecure version of the key</li>This is needed so that Apache does not prompt for a passkey every time it is started. However, you need to make sure to protect the integrity of the resulting <tt>server.key</tt> file.
<pre style="font-size: 9pt; background-color: rgb(238, 238, 238); border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-color: rgb(112, 112, 112); border-right-color: rgb(112, 112, 112); border-bottom-color: rgb(112, 112, 112); border-left-color: rgb(112, 112, 112); padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; "># openssl rsa -in server.key -out server.key.insecure
Enter pass phrase for server.key:
writing RSA key
# mv server.key server.key.secure
# mv server.key.insecure server.key
# cp server.key /etc/apache2/server.key
# cp server.crt /etc/apache2/server.crt
# chmod 600 server.key
# chmod 600 server.crt
</pre><li>Edit <tt>/etc/apache2/httpd.conf</tt> and uncomment the include directive for the SSL configuration file. Change:</li><pre style="font-size: 9pt; background-color: rgb(238, 238, 238); border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-color: rgb(112, 112, 112); border-right-color: rgb(112, 112, 112); border-bottom-color: rgb(112, 112, 112); border-left-color: rgb(112, 112, 112); padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; "># Secure (SSL/TLS) connections
#Include /private/etc/apache2/extra/httpd-ssl.conf
</pre>to
<pre style="font-size: 9pt; background-color: rgb(238, 238, 238); border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-color: rgb(112, 112, 112); border-right-color: rgb(112, 112, 112); border-bottom-color: rgb(112, 112, 112); border-left-color: rgb(112, 112, 112); padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; "># Secure (SSL/TLS) connections
Include /private/etc/apache2/extra/httpd-ssl.conf</pre></ol>
No comments:
Post a Comment