December 3rd, 2008
Get SSL running on Apache (CentOS)
I was playing with a new virtual server that had CentOS installed on it recently, and wanted to get SSL working for Apache. Since I was only setting up a development server I really didn’t need to purchase a certificate and decided to use a self-signed certificate. Here is what I did:
First I needed to get ‘make’ and ‘mod_ssl’ running to allow for this. (I use sudo but you could login as su)
sudo yum install make
sudo yum install mod_ssl
Next I did the following steps:
- Go to
/etc/pki/tls/certs - Run the command
sudo make mycert.pem - Enter the information you are prompted for about country, state, city, host name etc, your certificate and key has been created
- Now edit
/etc/httpd/conf.d/ssl.confand update the following items: SSLCACertificateFile /etc/pki/tls/certs/mycert.pemSSLCACertificateKeyFile /etc/pki/tls/mycert.pem- I was forced to create a symbolic link for the SSLCACertificateKeyFile as follows: (I think this was supposed to happen automagically.)
- I went to
/etc/pki/tlsand created the symbolic link using the next line. sudo ln -s certs/mycert.pem mycert.pem- Restart Apache (
/etc/init.d/httpd restart)
There, now you have a self-signed certificate for your apache virtualhosts.