1.安裝apache2
sudo apt-get install apache2
2.啟用SSL模組
sudo a2enmod ssl
訊息如下:
Enabling module ssl.
See /usr/share/doc/apache2.2-common/README.Debian.gz on how to configure SSL and create self-signed certificates.
To activate the new configuration, you need to run:
service apache2 restart
3.重新啟動apache2
sudo service apache2 restart
4.建立存放金鑰相關資料的目錄
sudo mkdir /etc/apache2/ssl
5.建立金鑰
金鑰的有效期限是365天
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
接著會要求填入資料
Country Name (2 letter code):TW
State or Province Name (full name) [Some-State]: Taiwan Republic Of China
Locality Name (eg, city) []:Taipei
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Your Company Name
Organizational Unit Name (eg, section) []:Sys-Net
Common Name (e.g. server FQDN or YOUR name) []:serverName.example.com
Email Address []:root@example.com
6.設定apache
sudo gedit /etc/apache2/sites-available/default
假設原內容如下
< VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Options FollowSymLinks
AllowOverride None
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ “/usr/share/doc/”
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
將其複製並於檔案最下貼上複製內容,並修改為紅字顯示的內容
< VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName example.com:443
DocumentRoot /var/www
Options FollowSymLinks
AllowOverride None
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ “/usr/share/doc/”
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
7.重新啟動apache
sudo service apache2 restart
上方設定可使您的網站可使用http或https登入
若需強迫使用https連結您的網站
可刪除以下區段文字
< VirtualHost *:80>
…
並保留以下區段文字
< VirtualHost *:443>
…
references: http://kirby86a.pixnet.net/blog/post/95136568-ubuntu-12.04%E5%95%9F%E7%94%A8apache%E7%9A%84-ssl
https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-12-04
http://wiki.weithenn.org/cgi-bin/wiki.pl?SSL_Certificate-%E8%87%AA%E8%A1%8C%E7%94%A2%E7%94%9F_SSL_%E6%86%91%E8%AD%89
[linux] Ubuntu 12.04啟用apache的 SSL
分類:linux