Step1: yum install httpd*
Step2: [root@server ~]# cd /etc/httpd/conf
[root@server ~]# vim httpd.conf
------------------------------------------------------------
Uncomment the line....
NameVirtualHost *:80
Add the the following lines at the bottom end for creating new virtual hosts....
<Directory /var/www/html/>
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<VirtualHost *:80>
ServerAdmin mehedi@mehedi.com
ServerName mehedi.com
ServerAlias www.mehedi.com
DocumentRoot /var/www/html/mehedi.com
ErrorLog /var/log/httpd/mehedi.com/error.log
CustomLog /var/log/httpd/mehedi.com/access.log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin hasan@hasan.com
ServerName hasan.com
ServerAlias www.hasan.com
DocumentRoot /var/www/html/hasan.com
ErrorLog /var/log/httpd/hasan.com/error.log
CustomLog /var/log/httpd/hasan.com/access.log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin mithu@mithu.com
ServerName mithu.com
ServerAlias www.mithu.com
DocumentRoot /var/www/html/mithu.com
ErrorLog /var/log/httpd/mithu.com/error.log
CustomLog /var/log/httpd/mithu.com/access.log common
</VirtualHost>
or we can individually create each virtual host in /etc/httd/conf.d directory...
In this scenerio we also shoud uncomment the line NameVirtualHost *:80 in
[ /etc/httpd/conf/httpd.conf ] file.
Then,
[root@server ~]# cd /etc/httd/conf.d
[root@server conf.d]# vim mehedi.com.conf
--------------------------------
<VirtualHost *:80>
ServerAdmin mehedi@mehedi.com
ServerName mehedi.com
ServerAlias www.mehedi.com
DocumentRoot /var/www/html/mehedi.com
ErrorLog /var/log/httpd/mehedi.com/error.log
CustomLog /var/log/httpd/mehedi.com/access.log common
</VirtualHost>
--------------------------------
[root@server conf.d]# vim hasan.com.conf
---------------------------------
<VirtualHost *:80>
ServerAdmin hasan@hasan.com
ServerName hasan.com
ServerAlias www.hasan.com
DocumentRoot /var/www/html/hasan.com
ErrorLog /var/log/httpd/hasan.com/error.log
CustomLog /var/log/httpd/hasan.com/access.log common
</VirtualHost>
----------------------------------
How to configure ssl on Apache web server RHEL6? (HTTPS)
-----------------------------------------------
Step1: Install required packages...
------
[root@server ~]# yum install mod_ssl openssl
Step2: Generate a self-signed certificate....
------
# Generate private key
[root@server ~]# openssl genrsa -out ca.key 1024
# Generate CSR
[root@server ~]# openssl req -new -key ca.key -out ca.csr
# Generate Self Signed Key
[root@server ~]# openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
# Copy the files to the correct locations
[root@server ~]# cp ca.crt /etc/pki/tls/certs
[root@server ~]# cp ca.key /etc/pki/tls/private/ca.key
[root@server ~]# cp ca.csr /etc/pki/tls/private/ca.csr
IF SELINUX IS ENABLED IN YOUR SYSTEM THEN PLEASE ENTER THE FOLLOWING COMMAND TO ALLOW THIS CERTIFICATE FILES....
[root@server ~]# restorecon -RvF /etc/pki
Step3:
-----
Now we need to update the Apache SSL configuration file
[root@server ~]# vim /etc/httpd/conf.d/ssl.conf
Change the paths to match where the Key file is stored...
--------------------------------------------
SSLCertificateFile /etc/pki/tls/certs/ca.crt
--------------------------------------------
Then set the correct path for the Certificate Key File a few lines below...
--------------------------------------------------
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
--------------------------------------------------
Quit and save the file and then restart Apache
[root@server ~]# /etc/init.d/httpd restart or Service httpd restart
Step4: Setting up the virtual hosts
-----
[root@server ~]# vim /etc/httpd/conf/httpd.conf
----------------------------------------------------------------------
NameVirtualHost *:80
NameVirtualHost *:443
#Allow for HTTP Access for mehedi.com
<VirtualHost *:80>
ServerAdmin mehedi@mehedi.com
ServerName mehedi.com
ServerAlias www.mehedi.com
DocumentRoot /var/www/html/mehedi.com
ErrorLog /var/log/httpd/mehedi.com/error.log
CustomLog /var/log/httpd/mehedi.com/access.log common
</VirtualHost>
# Allow for HTTPS Access for mehedi.com
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
<Directory /var/www/html/mehedi.com>
AllowOverride All
</Directory>
ServerAdmin mehedi@mehedi.com
ServerName mehedi.com
ServerAlias www.mehedi.com
DocumentRoot /var/www/html/mehedi.com
ErrorLog /var/log/httpd/mehedi.com/error.log
CustomLog /var/log/httpd/mehedi.com/access.log common
</VirtualHost>
---------------------------------------------------------------------
Step5: Configuring the firewall for allowing the secure port...(Https)
-----
[root@server ~]# vim /etc/sysconfig/iptables
--------------------------------------
-A INPUT -p tcp --dport 443 -j ACCEPT
--------------------------------------
[root@server ~]# service iptables restart
======================================================================
REDIRECT http request to https forcefully for a specific virtual host:
======================================================================
<VirtualHost *:80>
ServerAdmin mithu@mithu.com
ServerName mithu.com
ServerAlias www.mithu.com
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
#DocumentRoot /var/www/html/mithu.com
#ErrorLog /var/log/httpd/mithu.com/error.log
#CustomLog /var/log/httpd/mithu.com/access.log common
</VirtualHost>
# Allow HTTPS for mithu.com
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
<Directory /var/www/html/mithu.com>
AllowOverride All
</Directory>
ServerAdmin mithu@mithu.com
ServerName mithu.com
ServerAlias www.mithu.com
DocumentRoot /var/www/html/mithu.com
ErrorLog /var/log/httpd/mithu.com/error.log
CustomLog /var/log/httpd/mithu.com/access.log common
</VirtualHost>
---------------------------------------------------------------------------
Step2: [root@server ~]# cd /etc/httpd/conf
[root@server ~]# vim httpd.conf
------------------------------------------------------------
Uncomment the line....
NameVirtualHost *:80
Add the the following lines at the bottom end for creating new virtual hosts....
<Directory /var/www/html/>
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<VirtualHost *:80>
ServerAdmin mehedi@mehedi.com
ServerName mehedi.com
ServerAlias www.mehedi.com
DocumentRoot /var/www/html/mehedi.com
ErrorLog /var/log/httpd/mehedi.com/error.log
CustomLog /var/log/httpd/mehedi.com/access.log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin hasan@hasan.com
ServerName hasan.com
ServerAlias www.hasan.com
DocumentRoot /var/www/html/hasan.com
ErrorLog /var/log/httpd/hasan.com/error.log
CustomLog /var/log/httpd/hasan.com/access.log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin mithu@mithu.com
ServerName mithu.com
ServerAlias www.mithu.com
DocumentRoot /var/www/html/mithu.com
ErrorLog /var/log/httpd/mithu.com/error.log
CustomLog /var/log/httpd/mithu.com/access.log common
</VirtualHost>
or we can individually create each virtual host in /etc/httd/conf.d directory...
In this scenerio we also shoud uncomment the line NameVirtualHost *:80 in
[ /etc/httpd/conf/httpd.conf ] file.
Then,
[root@server ~]# cd /etc/httd/conf.d
[root@server conf.d]# vim mehedi.com.conf
--------------------------------
<VirtualHost *:80>
ServerAdmin mehedi@mehedi.com
ServerName mehedi.com
ServerAlias www.mehedi.com
DocumentRoot /var/www/html/mehedi.com
ErrorLog /var/log/httpd/mehedi.com/error.log
CustomLog /var/log/httpd/mehedi.com/access.log common
</VirtualHost>
--------------------------------
[root@server conf.d]# vim hasan.com.conf
---------------------------------
<VirtualHost *:80>
ServerAdmin hasan@hasan.com
ServerName hasan.com
ServerAlias www.hasan.com
DocumentRoot /var/www/html/hasan.com
ErrorLog /var/log/httpd/hasan.com/error.log
CustomLog /var/log/httpd/hasan.com/access.log common
</VirtualHost>
----------------------------------
How to configure ssl on Apache web server RHEL6? (HTTPS)
-----------------------------------------------
Step1: Install required packages...
------
[root@server ~]# yum install mod_ssl openssl
Step2: Generate a self-signed certificate....
------
# Generate private key
[root@server ~]# openssl genrsa -out ca.key 1024
# Generate CSR
[root@server ~]# openssl req -new -key ca.key -out ca.csr
# Generate Self Signed Key
[root@server ~]# openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
# Copy the files to the correct locations
[root@server ~]# cp ca.crt /etc/pki/tls/certs
[root@server ~]# cp ca.key /etc/pki/tls/private/ca.key
[root@server ~]# cp ca.csr /etc/pki/tls/private/ca.csr
IF SELINUX IS ENABLED IN YOUR SYSTEM THEN PLEASE ENTER THE FOLLOWING COMMAND TO ALLOW THIS CERTIFICATE FILES....
[root@server ~]# restorecon -RvF /etc/pki
Step3:
-----
Now we need to update the Apache SSL configuration file
[root@server ~]# vim /etc/httpd/conf.d/ssl.conf
Change the paths to match where the Key file is stored...
--------------------------------------------
SSLCertificateFile /etc/pki/tls/certs/ca.crt
--------------------------------------------
Then set the correct path for the Certificate Key File a few lines below...
--------------------------------------------------
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
--------------------------------------------------
Quit and save the file and then restart Apache
[root@server ~]# /etc/init.d/httpd restart or Service httpd restart
Step4: Setting up the virtual hosts
-----
[root@server ~]# vim /etc/httpd/conf/httpd.conf
----------------------------------------------------------------------
NameVirtualHost *:80
NameVirtualHost *:443
#Allow for HTTP Access for mehedi.com
<VirtualHost *:80>
ServerAdmin mehedi@mehedi.com
ServerName mehedi.com
ServerAlias www.mehedi.com
DocumentRoot /var/www/html/mehedi.com
ErrorLog /var/log/httpd/mehedi.com/error.log
CustomLog /var/log/httpd/mehedi.com/access.log common
</VirtualHost>
# Allow for HTTPS Access for mehedi.com
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
<Directory /var/www/html/mehedi.com>
AllowOverride All
</Directory>
ServerAdmin mehedi@mehedi.com
ServerName mehedi.com
ServerAlias www.mehedi.com
DocumentRoot /var/www/html/mehedi.com
ErrorLog /var/log/httpd/mehedi.com/error.log
CustomLog /var/log/httpd/mehedi.com/access.log common
</VirtualHost>
---------------------------------------------------------------------
Step5: Configuring the firewall for allowing the secure port...(Https)
-----
[root@server ~]# vim /etc/sysconfig/iptables
--------------------------------------
-A INPUT -p tcp --dport 443 -j ACCEPT
--------------------------------------
[root@server ~]# service iptables restart
======================================================================
REDIRECT http request to https forcefully for a specific virtual host:
======================================================================
<VirtualHost *:80>
ServerAdmin mithu@mithu.com
ServerName mithu.com
ServerAlias www.mithu.com
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
#DocumentRoot /var/www/html/mithu.com
#ErrorLog /var/log/httpd/mithu.com/error.log
#CustomLog /var/log/httpd/mithu.com/access.log common
</VirtualHost>
# Allow HTTPS for mithu.com
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
<Directory /var/www/html/mithu.com>
AllowOverride All
</Directory>
ServerAdmin mithu@mithu.com
ServerName mithu.com
ServerAlias www.mithu.com
DocumentRoot /var/www/html/mithu.com
ErrorLog /var/log/httpd/mithu.com/error.log
CustomLog /var/log/httpd/mithu.com/access.log common
</VirtualHost>
---------------------------------------------------------------------------
No comments:
Post a Comment