Self-Signed Certs for Apache in FreeBSD
The following procedure shows how to apply self-signed certificates to the Apache web server in FreeBSD.
After creating and installing the TLS/SSL certificate/key pair, they can be utilized to secure FreeBSD web services with encryption during the development and testing process. It is important to keep in mind that self-signing may be deemed UNTRUSTWORTHY in a production environment.
user@host: $ su -
2. Go to the directory containing the Apache site configuration files.
root@host: # cd /usr/local/etc/apache24/extra
3. BACK UP the default HTTPS configuration file for the secure site.
root@host: # cp httpd-ssl.conf httpd-ssl-conf.back
4. Open the default HTTPS configuration file.
root@host: # ee httpd-ssl.conf
5. Find and modify the following Apache directives.
# BEGIN CODE
# ...
SSLCertificateFile "/usr/local/etc/apache24/server.crt"
# The self-signed certificate.
SSLCertificateKeyFile "/usr/local/etc/apache24/server.key"
# The key for the self-signed certificate.
# ...
# END CODE
6. Restart the web server.
root@host: # service apache24 restart
7. Log out from "root".
root@host: # exit
==========
For Debian-based Linux distributions, the process is similar but some file paths and commands are different as shown here.
==========
Comments
Post a Comment