Apache SSL Setup

To setup the Apache SSL certificates for secure HTTPS connections, you will need to gather the key, certificate, and intermediate/root files. If you requested a certificate from ICS Support, you would have been emailed an encrypted key file along with a pass phrase. You will then be emailed by Incommon with links to download the certificate and intermediate/root certificates.

With those 3 files in hand, in your httpd.conf, you will want to define the following:

SSLEngine on
SSLCertificateFile <path-to-certificate-file>
SSLCertificateKeyFile <path-to-key-file>
SSLCertificateChainFile <path-to-intermediate-root-file>

You will put these settings either in httpd.conf or in the VirtualHost area of the server configuration.

NOTE: In Apache 2.4.8, SSLCertificateChainFile became obsolete. The SSLCertificateFile would contain the certificate, intermediate, and file files concatenated together, in that order.

To have the apache auto-start instead of prompting for the pass phrase for the key file, you will need to use this option:

SSLPassPhraseDialog “exec:<path-to-file>”

Normally the file is called pp-filter so just create it somewhere in your apache instance. The pp-filter file can be as complicated as you want for security purposes. Please see http://www.modssl.org/docs/2.1/ssl_reference.html.

A simple one is:

#!/bin/sh
echo "pass phrase"
services/apache_ssl_setup.txt · Last modified: 2016/10/27 10:39 by dutran
CC Attribution-Noncommercial-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0