[wplug] configuring httpd.conf to serve https webpages

Emilio Xavier Esposito emilio.esposito at gmail.com
Mon Jul 27 16:23:54 EDT 2009 

Hi
I have setup a wiki and would like to insure that the passwords and
data sent between the browser and the webserver are encrypted.  The
username and password access for the website works but I have not been
able to figure out the secure connection.  Using the httpd.conf
(relevant portions below) the apache 2.0 webserver does not start and
no errors are currently returned to the log.  I am using MAMP
(www.mamp.info) on Mac OS X 10.5.7 without any modifications.

I have created the server.crt and server.key files using the following
commands and placed them in the
/Library/WebServer/Documents/wiki/ssl.crts directory.
$ openssl genrsa -des3 -out server.key 1024
$ openssl req -new -x509 -nodes -sha1 -days 730 -key server.key -out server.crt

I would be very appreciative if someone could please point me in the
right direction with respect to what I need to change in my httpd.conf
(below) or if I have missed a step.  Once I have everything working I
plan on changing the allow/deny order and specifying specific IP
address ranges.  Also, what should be placed or changed in the default
ssl.conf file?

I have put together the httpd.conf file below using the information
from this apache.org webpage
http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html but feel like
there is some information that I have missed.

Thank you for your time and help
Emilio

from the httpd.conf file:

Listen 80
Listen 443

<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
</IfDefine>


# the SSL certificate information
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
SSLCACertificateFile    /Library/WebServer/Documents/wiki/ssl.crts/server.crt
SSLCACertificateKeyFile /Library/WebServer/Documents/wiki/ssl.crts/server.key


<Directory "/Library/WebServer/Documents/wiki">
    Options All

    SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
    SSLOptions +StrictRequire
    SSLVerifyClient require
    SSLVerifyDepth 1
    RewriteEngine on
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/secure(.*) https://%{SERVER_NAME}/secure$1 [R,L]

# the SSL certificate information
    SSLProtocol all
    SSLCipherSuite HIGH:MEDIUM

#   Allow Network Access and/or Basic Auth
    Satisfy any

#   Network Access Control
    Order allow,deny
    Allow from all

# the users info
    AuthType Basic
    AuthName AChEproject
    AuthUserFile "/Users/manny/.htpasswd"
    Require user jane manny moe jack beth

</Directory>

More information about the wplug mailing list