[wplug] configuring httpd.conf to serve https webpages
Emilio Xavier Esposito
emilio.esposito at gmail.com
Mon Jul 27 16:23:54 EDT 2009
Hi
I have setup a wiki and would like to insure that the passwords and
data sent between the browser and the webserver are encrypted. The
username and password access for the website works but I have not been
able to figure out the secure connection. Using the httpd.conf
(relevant portions below) the apache 2.0 webserver does not start and
no errors are currently returned to the log. I am using MAMP
(www.mamp.info) on Mac OS X 10.5.7 without any modifications.
I have created the server.crt and server.key files using the following
commands and placed them in the
/Library/WebServer/Documents/wiki/ssl.crts directory.
$ openssl genrsa -des3 -out server.key 1024
$ openssl req -new -x509 -nodes -sha1 -days 730 -key server.key -out server.crt
I would be very appreciative if someone could please point me in the
right direction with respect to what I need to change in my httpd.conf
(below) or if I have missed a step. Once I have everything working I
plan on changing the allow/deny order and specifying specific IP
address ranges. Also, what should be placed or changed in the default
ssl.conf file?
I have put together the httpd.conf file below using the information
from this apache.org webpage
http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html but feel like
there is some information that I have missed.
Thank you for your time and help
Emilio
from the httpd.conf file:
Listen 80
Listen 443
<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
</IfDefine>
# the SSL certificate information
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
SSLCACertificateFile /Library/WebServer/Documents/wiki/ssl.crts/server.crt
SSLCACertificateKeyFile /Library/WebServer/Documents/wiki/ssl.crts/server.key
<Directory "/Library/WebServer/Documents/wiki">
Options All
SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
SSLOptions +StrictRequire
SSLVerifyClient require
SSLVerifyDepth 1
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/secure(.*) https://%{SERVER_NAME}/secure$1 [R,L]
# the SSL certificate information
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
# Allow Network Access and/or Basic Auth
Satisfy any
# Network Access Control
Order allow,deny
Allow from all
# the users info
AuthType Basic
AuthName AChEproject
AuthUserFile "/Users/manny/.htpasswd"
Require user jane manny moe jack beth
</Directory>
More information about the wplug
mailing list