Shravan Kumar Kasagoni

Skip Navigation
How to Install and Configure the Apache HTTP Server with SSL on Red Hat Linux

How to Install and Configure the Apache HTTP Server with SSL on Red Hat Linux

 /  Leave a response

This blog post shows how to install and set up the Apache HTTP Server with SSL on Red Hat Linux (7.x), and we can follow the similar steps for other flavors of Linux.

Step 1: Install Apache HTTP Server

sudo yum install httpd

Step 2: Enable and start the httpd service

sudo systemctl enable httpd.service
sudo systemctl start httpd.service

Step 3: Enable the required ports

sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT

In above the step we enabled port 80 for http and 443 for https traffic. To configure the SSL, we need to install an additional module mod_ssl.

Step 4: Install mod_ssl module

sudo yum install mod_ssl

This blog post assumes you already have a digital certificate (my-web-site.crt) and private key (my-web-site-private.key).

Step 5: Create a folder and set the correct permission to copy the certificate and private key

mkdir /etc/ssl/certs
cp my-web-site.crt /etc/ssl/certs/
cp my-web-site-private.key /etc/ssl/certs/
chmod 700 -R /etc/ssl/certs/

Step 6: Open and update the ssl.conf file

sudo vi /etc/httpd/conf.d/ssl.conf

Step 7: Uncomment DocumentRoot, ServerName under <VirtualHost _default_:443> in ssl.conf file and update with following

DocumentRoot "/var/www/my-web-site/public_html"

Step 8: Find the SSLProtocol and SSLCipherSuite and comment them

# SSLProtocol all -SSLv2 -SSLv3

Step 9: Find the SSLCertificateFile and SSLCertificateKeyFile lines and change them to the directory we made at /etc/httpd/ssl/certs

SSLCertificateFile /etc/ssl/certs/my-web-site.crt
SSLCertificateKeyFile /etc/ssl/certs/my-web-site-private.key

Step 10: Modify the Unencrypted Virtual Host File to Redirect to HTTPS from HTTP

sudo vi /etc/httpd/conf.d/non-ssl.conf

Add the following config lines to non-ssl.conf

<VirtualHost *:80>
  Redirect "/" ""

Step 11: Verify the Apache configuration is ok

sudo apachectl configtest

Step 12: Stop and start apache to reflect the new SSL configuration

sudo systemctl stop httpd
sudo systemctl start httpd

Now the site is secured with SSL, and even any tries to access the website using HTTP, the website redirects to https.

Write a response

Your email address will not be published.

All code will be displayed literally.