This page describes the activation of HTTPS with Apache.
To generate a certificate (or a CSR), please take a look at OpenSSL.
Then copy the private key and the certificate inside a pem file, for example into /etc/apache2/ssl/.
To enable HTTPS, Apache needs to listen at the port 443. Check the file /etc/apache2/ports.conf :
Listen 80 Listen 443
mod-ssl needs to be enable :
bender:/etc/apache2# a2enmod ssl Module ssl installed; run /etc/init.d/apache2 force-reload to enable. bender:/etc/apache2# /etc/init.d/apache2 force-reload Forcing reload of web server (apache2)... waiting . bender:/etc/apache2#
Finally, we need to enable SSL on a virtual host.
The commands commonly used are :
NameVirtualHost *:443 <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/apache2/ssl/mat.homeftp.org.pem ServerAdmin webmaster@localhost DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all # This directive allows us to have apache2's default start page # in /apache2-default/, but still have / go to the right place RedirectMatch ^/$ /apache2-default/ </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined ServerSignature On Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost>