Creating a Self-Signed Certificate is not very complicated. This guide will show you a step by step procedure how to do it on Debian.
STEP 1
- The first step is to make sure that open-ssl and Apache2 packages are on your system. If not you can always download them from the packagae website.All you need to do is open your konsole and type
apt-get install apache2 openssl
Be sure that you are root (su). If the packages are not instaled on the server it will automatically download them from the package site and install.
STEP 2
- The second step is to start creating the Certificate File. To that you can use "wrapper" command that will assist you in the process. The command is as folows
/usr/sbin/apache2-ssl-certificate
After typeing in the command, you will be prompted to answer some questions. Go ahead and answer them
STEP 3
After the question period you have to make sure that the ssl mode is enabled. The command is
a2enmod ssl
STEP 4
Next step involves creating a default page. You can copy and modify the default site that is available in /etc/apache2/sites-available directory.Use your favorite text editor, for example pico to edit the default site. Modify the default site so the server will listen on port 443 for incoming secure connections.Example:
NameVirtualHost *:443 <VirtualHost *:443> SSLEngine On SSLCertificateFile /etc/apache2/ssl/apache.pem
STEP 5
After creating your SSL site, its time to enable it. To enable your newly created site you need to run this command.
a2ensite ssl
Where "ssl" should be replace by the name of the site you have created in STEP 4.
STEP 6
It is very important to tell the server to listen on port 443. Thats why you need to add a line to ports.conf (/etc/apache2/ports.conf) file. After the modification your file should look something like this:
Listen 443 Listen 80
STEP 7
Now restart the apache server to apply the changes.
/etc/init.d/apache2 restart
STEP 8
Open your browser and type:
https:\\127.0.0.1
The loop-back address should take you to the default apache page and dispaly the Certificate prompt.
If you have any questions or comments, please drop me a line at konrad@atwaterlibrary.ca
This site is dedicated to Daniel Enright, a man that opend my eyes on to the World of Linux.