Home arrow Latest Tutorials arrow Configure Apache22 SSL in FreeBSD
Configure Apache22 SSL in FreeBSD PDF
Thursday, 17 September 2009
This tutorial is about configuring Apache 22 SSL in FreeBSD

Step 1. Compile and install Apache
-----------------------------------------------

cd /usr/ports/www/apache22
make install clean


Step 2. Add the following lines to /etc/rc.conf
-------------------------------------------------------------
apache22_enable="YES"
apache22_flags="-DSSL"


Step 3. Create dirs to store Apache SSL keys
--------------------------------------------------------------
mkdir /usr/local/etc/apache22/ssl.key
mkdir /usr/local/etc/apache22/ssl.crt

chmod 0700 /usr/local/etc/apache22/ssl.key
chmod 0700 /usr/local/etc/apache22/ssl.crt


Step 4. Create certificates
-----------------------------------
# create certificate
cd /root
openssl genrsa -des3 -out server.key 1024

# create a Certificate Signing Request (CSR)
openssl req -new -key server.key -out server.csr

# self sign the certificate
openssl x509 -req -days 730 -in /root/server.csr -signkey /root/server.key -out /root/server.crt


Step 5. Copy certificate files to apache config directory
---------------------------------------------------------------------------
cp /root/server.key /usr/local/etc/apache22/ssl.key/
cp /root/server.crt /usr/local/etc/apache22/ssl.crt/


Step 6. Set proper permision for certificate files
------------------------------------------------------------------
chmod 0400 /usr/local/etc/apache22/ssl.key/server.key
chmod 0400 /usr/local/etc/apache22/ssl.crt/server.crt


Step 7. Add certificate to your Apache config
-------------------------------------------------------------
Add the following lines to your VirtualHost section in httpd.conf:

     SSLEngine on
     SSLCertificateFile /usr/local/etc/apache22/ssl.crt/server.crt
     SSLCertificateKeyFile /usr/local/etc/apache22/ssl.key/server.key


Step 8. Remove SSL Password
------------------------------------------
Remove SSL Password from certificate, otherwise you will have to
input password every time you start Apache.

cd /usr/local/etc/apache22/ssl.key
cp server.key server.key.orig
openssl rsa -in server.key.orig -out server.key


Step 9. Allow access to Directory where your files are located
------------------------------------------------------------------------------------
Place the following lines to /usr/local/etc/apache22/httpd.conf file

order allow,deny
allow from all

in between your <Directory "/your_path_to_http_files">     </Directory> tags.
 
< Prev   Next >

Other BSD Systems

OpenBSD

Misc

Solaris

Polls

Best BSD firewall?