| Configure SSL/TLS setting to use secure encrypt HTTPS connection. | |
| [1] | Get SSL Certificate, refer to here. |
| [2] | Enable SSL/TLS settings. |
| root@barneo:~#
vi /etc/apache2/sites-available/default-ssl.conf # line 3 : change admin email
webmaster@barisdemirtas.com.tr # line 32,33 : change to the certs gotten in section [1]
SSLCertificateFile /etc/letsencrypt/live/www.barisdemirtas.com.tr/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/www.barisdemirtas.com.tr/privkey.pem
# line 42 : uncomment and change to the chain-file gotten in section [1]
SSLCertificateChainFile /etc/letsencrypt/live/www.barisdemirtas.com.tr/chain.pem
root@barneo:~# a2ensite default-ssl
Enabling site default-ssl. To activate the new configuration, you need to run: systemctl reload apache2
root@barneo:~# a2enmod ssl
Considering dependency setenvif for ssl: Module setenvif already enabled Considering dependency mime for ssl: Module mime already enabled Considering dependency socache_shmcb for ssl: Enabling module socache_shmcb. Enabling module ssl. See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates. To activate the new configuration, you need to run: systemctl restart apache2
root@barneo:~# systemctl restart apache2 |
| [3] | If you’d like to set HTTP connection to redirect to HTTPS (Always on SSL/TLS), Set RewriteRule to each Host settings. Add RewriteRule like follows. Or It’s possible to set RewriteRule in [.htaccess] not in [httpd.conf]. |
| root@barneo:~#
vi /etc/apache2/sites-available/virtual.host.conf <VirtualHost *:80> DocumentRoot /var/www/virtual.host ServerName www.virtual.host ServerAdmin webmaster@virtual.host ErrorLog /var/log/apache2/virtual.host.error.log CustomLog /var/log/apache2/virtual.host.access.log combined RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] </VirtualHost>
root@barneo:~# a2enmod rewrite
Enabling module rewrite. To activate the new configuration, you need to run: systemctl restart apache2
root@barneo:~# systemctl restart apache2 |
| [4] | Verify to access to the test page from any client computer with Web browser via HTTPS. |
No responses yet