Como crear un site https

0

En mi ultima instalacion use esta configuracion

<VirtualHost *:80>
  ServerName aulavirtual.escueladeco.edu.pe
  ServerAlias aulavirtual.escueladeco.edu.pe
  Redirect 301 / https://myweb.com
</VirtualHost>
<VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/aulavirtual.escueladeco.edu.pe.crt
        SSLCertificateKeyFile /etc/pki/tls/private/aulavirtual_escueladeco_edu_pe_key.key
        <Directory /mnt/webapps/webappdrecajamarca/html>
		DirectoryIndex index.html index.php
		Options FollowSymLinks
        	AllowOverride All
		Require all granted
        </Directory>
        DocumentRoot /mnt/webapps/webappdrecajamarca/html
        ServerName aulavirtual.escueladeco.edu.pe
</VirtualHost>

Nuestro Apache requiere mod_ssl

yum install mod_ssl -y

Luego, requiere la creación de certificados globales:

cd /etc/httpd/

mkdir ssl

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/apache.key -out /etc/httpd/ssl/apache.crt

Luego de la creación de los certificados,  debemos configurar nuestro modo SSL.

Generate private key

​sudo openssl genrsa -out ca.key 2048

Generate CSR

​sudo openssl req -new -key ca.key -out ca.csr

Generate Self Signed Key

​sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

sudo cp ca.crt /etc/pki/tls/certs sudo cp ca.key /etc/pki/tls/private/ca.key sudo cp ca.csr /etc/pki/tls/private/ca.csr

Debemos editar: /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/pki/tls/certs/localhost.crt

changes to:

SSLCertificateFile /etc/pki/tls/certs/ca.crt

SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

changes to:

SSLCertificateKeyFile /etc/pki/tls/private/ca.key

sudo systemctl restart httpd

Finalmente, creamos nuestor virtualhost

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerAdmin proyectos@drinux.com
        ServerName sscc.drinux.com
        ServerAlias www.sscc.drinux.com
        DocumentRoot /var/www/sscc.drinux.com/htdocs
        ErrorLog /var/www/sscc.drinux.com/log/error.log
        CustomLog /var/www/sscc.drinux.com/log/access.log combined
        SSLEngine on
        SSLCertificateFile /etc/httpd/ssl/apache.crt
        SSLCertificateKeyFile /etc/httpd/ssl/apache.key
        <FilesMatch ‘.(cgi|shtml|phtml|php)$’>
                        SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                        SSLOptions +StdEnvVars
        </Directory>
        <Directory ‘/var/www/sscc.drinux.com/htdocs’>
            AllowOverride All
        </Directory>

        BrowserMatch ‘MSIE [2-6]’
                        nokeepalive ssl-unclean-shutdown
                        downgrade-1.0 force-response-1.0
        BrowserMatch ‘MSIE [17-9]’ ssl-unclean-shutdown
    </VirtualHost>
</IfModule>

Finalmente, reiniciar apache:

service httpd restart