|
|
StartSSL™ - The Swiss Army Knife of Digital Certificates & PKI
|
|
 |
|
 |
|
Apache Web Server
|
| |
First of all you have to load the mod_ssl module. Many distributions and packages have this module shipped by default, otherwise check the documentation of Apache how to do this.
To configure a default SSL/TLS aware virtual server, you should add at least the following lines to your httpd.conf or ssl.conf file:
LoadModule ssl_module modules/mod_ssl.so
Listen 443
<VirtualHost _default_:443>
DocumentRoot /home/httpd/private
ErrorLog /usr/local/apache/logs/error_log
TransferLog /usr/local/apache/logs/access_log
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile /usr/local/apache/conf/ssl.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key
SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem
SSLCACertificateFile /usr/local/apache/conf/ca.pem
CustomLog /usr/local/apache/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Download the ca.pem and sub.class1.server.ca.pem for the above configuration. Make sure to change the path according to your apache installation. For windows you need to use something like c:\apache\httpd.
If you have a higher validated server certificate you need to use the class2 or class3 intermediate CA certificate. |
| |
|
|
 |
|
 |
|
|
|
