Setting up SSL for domains

Discussion in 'Installation/Configuration' started by Sir Jake, May 30, 2011.

  1. Sir Jake

    Sir Jake New Member

    Hello there I'm trying to setup SSL on my server.

    Here is the info that I seen on their site on how to setup it.


    To configure a default SSL/TLS aware virtual server, you should add at least the following lines to your httpd.conf or ssl.conf file:

    LoadModule ssl_module modules/mod_ssl.so

    Listen 443

    <VirtualHost _default_:443>
    DocumentRoot /home/httpd/private
    ErrorLog /usr/local/apache/logs/error_log
    TransferLog /usr/local/apache/logs/access_log
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

    SSLCertificateFile /usr/local/apache/conf/ssl.crt
    SSLCertificateKeyFile /usr/local/apache/conf/ssl.key
    SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem
    SSLCACertificateFile /usr/local/apache/conf/ca.pem
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    CustomLog /usr/local/apache/logs/ssl_request_log \
    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    </VirtualHost>


    Would I just add this to my httpd.conf at the moment it's just empty but I'm not sure if that would be the right place to put it or not.

    Thanks for any help.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Do you use ispconfig? If yes, then ssl is configured trough ispconfig, dont add the above to your httpd.conf then! Just enable ssl in the website and create the ssl cert in ispconfig. No need to insert any code in the config file.
     
  3. Sir Jake

    Sir Jake New Member

    Would that work to make it a certified ssl certificate?

    I want my users to be able to just go to our site without firefox or IE to tell them it's not a trusted site or anything like that.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes. Create a self signed ssl cert in ispconfig. ISPconfig creates then a csr for you that can be signed by a ssl authority. Then you get a signed ssl cert back that you can store in the ssl cert field in ispconfig.

    The steps are explained in detail in the ispconfig manual too.
     

Share This Page