Apache2 : Configure SSL/TLS

vi /etc/apache2/sites-available/default-ssl.conf

# line 3 : change admin email

ServerAdmin 

[email protected]

# line 32,33 : change to the certs gotten in section [1]

SSLCertificateFile      /etc/letsencrypt/live/www.barisdemirtas.com.tr/cert.pem

SSLCertificateKeyFile   /etc/letsencrypt/live/www.barisdemirtas.com.tr/privkey.pem

# line 42 : uncomment and change to the chain-file gotten in section [1]

SSLCertificateChainFile /etc/letsencrypt/live/www.barisdemirtas.com.tr/chain.pem

root@barneo:~# 

a2ensite default-ssl

Enabling site default-ssl.

To activate the new configuration, you need to run:

  systemctl reload apache2

root@barneo:~# 

a2enmod ssl

Considering dependency setenvif for ssl:

Module setenvif already enabled

Considering dependency mime for ssl:

Module mime already enabled

Considering dependency socache_shmcb for ssl:

Enabling module socache_shmcb.

Enabling module ssl.

See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.

To activate the new configuration, you need to run:

  systemctl restart apache2

root@barneo:~# 

systemctl restart apache2

vi /etc/apache2/sites-available/virtual.host.conf

<VirtualHost *:80>

    DocumentRoot /var/www/virtual.host

    ServerName www.virtual.host

    ServerAdmin [email protected]

    ErrorLog /var/log/apache2/virtual.host.error.log

    CustomLog /var/log/apache2/virtual.host.access.log combined

    RewriteEngine On

    RewriteCond %{HTTPS} off

    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

</VirtualHost>

root@barneo:~# 

a2enmod rewrite

Enabling module rewrite.

To activate the new configuration, you need to run:

  systemctl restart apache2

root@barneo:~# 

systemctl restart apache2