Skip to Content

You are here

Home » Blogs » extremeprath's blog

Enable SSL or HTTPS on Ubuntu 11.04 with Apache 2

Submitted by extremeprath on Mon, 11/14/2011 - 12:09

This article refers to those people who want to enable their ssl on their local system or on servers.
More specifically on Ubuntu 11.04 and Apache2 we have to use fullowing commands to install apache2 and ssl.

1. First to install apache2
sudo apt-get install apache2
2. Then to install the ssl-certificate
sudo apt-get install ssl-cert
3. To create the ssl directory
sudo mkdir /etc/apache2/ssl
4. Hardcoding cert lifetime
sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

5. Install the ssl module and reload apache ( if not reloading use restart instead )
sudo a2enmod ssl
sudo /etc/init.d/apache2 force-reload

6. Make a copy of the default virtualhost

sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl

7.Modify the same with
sudo nano -w /etc/apache2/sites-available/ssl

As given below :

NameVirtualHost *:443
<virtualhost *:443>
ServerAdmin webmaster@localhost

SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem

DocumentRoot /var/www/
<directory />
Options FollowSymLinks
AllowOverride None
</directory>

<directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2's default start page
# in /apache2-default/, but still have / go to the right place
# Commented out for Ubuntu
#RedirectMatch ^/$ /apache2-default/
</directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<directory "/usr/lib/cgi-bin">
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</directory>

ErrorLog /var/log/apache2/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog /var/log/apache2/access.log combined
ServerSignature On

Alias /doc/ "/usr/share/doc/"
<directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</directory>

</virtualhost>

8. Enable SSL virtualhost
sudo a2ensite ssl
sudo /etc/init.d/apache2 reload

9. Modify the default file for the http

sudo nano -w /etc/apache2/sites-available/default.

Add following in the file :
NameVirtualHost *:80
<virtualhost *:80>

10. Restart apache server

sudo /etc/init.d/apache2 restart

Troubleshoot :
If it still doesn't work out you have to check for the error :

ssl_error_rx_record_too_long and Apache SSL

and run the following command :
a2ensite default-ssla2ensite default-ssla2ensite default-sslsudo a2ensite default-ssl

It worked for me.. hope it will work for you too .. :)

After this I used rpx and it worked like charm.

Tags: 
Linux