Dec 182006
 

Sponsored Link

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Install apache2 in debian etch

#apt-get install apache2

Install openssl using the following command

#apt-get install openssl ssl-cert

Install PHP5 support for apache2 in debian etch

#apt-get install libapache2-mod-php5 php5-cli php5-common php5-cgi

Once you install apache server you need to Generate a certificate,Enable Apache SSL support and Configure your SSL options.

Generate A certificate

Generating a certificate will provide to protect the traffic exchanged between clients and your server, however it will be unsigned by a trusted certificate authority so it will generate warnings.

If you want to avoid these warning messages you need to get a trusted certificate from SSL certificate vendors.If you want to Generating an SSL certificate for Apache2 you need to use the openssl. This will ask you questions interactively then generate the certificate file appropriately.

Note:-For generating certificate you might have used the apache2-ssl-certificate command in debian sarge but in debian etch this command not available.If you want to generate certificates you need to use openssl from you command prompt Use the following command to generate certificates

#openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem

Generating a 1024 bit RSA private key
.................................................++++++
...........................................++++++
writing new private key to ‘/etc/apache2/apache.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:London
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Debian
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:

This will complete the certificate now you need to make sure you have the correct permissions for .pem file if not use the

following command to set the correct permissions

#chmod 600 /etc/apache2/apache.pem

By default the server will listen for incoming HTTP requests on port 80 -- and not SSL connections on port 443. So you need to enable SSL support by entering the following entry to the file /etc/apache2/ports.conf save and exit the file.

Listen 443

Enable SSL Support

If you want to enable SSL support for your apache web server you need to use the following comamnd

#a2enmod ssl
Module ssl installed; run /etc/init.d/apache2 force-reload to enable.

Now you need to restart the apache2 server using the following command

#/etc/init.d/apache2 restart

Configuring SSL Certificate to Virtual Hosts in Apache2

First you need to edit the /etc/apache2/sites-available/default file change

NameVirtualHost *
to

NameVirtualHost *:80
NameVirtualHost *:443

Now you need to configure Virtual hosts using port 80

Example
ServerAdmin webmaster@localhost
.
.
.
configure Virtual hosts using port 443 the main difference is you need to use the following two lines for each SSL hosts.

SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem

Example
ServerAdmin webmaster@localhost
.
.
.
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem

Now you need to restrat your apache web server using the following comamnd

# /etc/init.d/apache2 reload

Reloading web server config... XXXX

Sponsored Link

 Posted by at 8:29 am

  60 Responses to “Install and Configure Apache2 with PHP5 and SSL Support in Debian Etch”

  1. My installation of Apache with SSL had the VirtualHosts configuration for HTTP and HTTPS split in two files: /etc/apache2/sites-available/default (80) and /etc/apache2/sites-available/default-ssl (443).

    I actually didn’t have to do anything with the ports.conf, because the “Listen 443″ was already included within the “” tag condition. Adding the standalone “Listen 443″ (outside this tag) actually resulted in error.

    So after I completed all the configuration and verified that apache listens on both the 80 and 443 ports (using “telnet localhost 80″ and “… 443″) I still couldn’t connect to https://… from the outside world. I kept getting the “Invalid method in request” in my error.log.

    The solution was extremely simple… I had to make a symbolic link from the /etc/apache2/sites-enabled directory to the default-ssl file in ../sites-available via the command:

    ln -s 001-default-ssl ../sites-available/default-ssl

    , where the “001-default-ssl” was merely chosen – use can use whatever other name you wish.

    I hope this will help. I am pretty unskilled apache administrator, so if this was clear to everyone around here, sorry :)

  2. Sorry, the command above should have been:

    ln -s ../sites-available/default-ssl 001-default-ssl

    , and the tag I was referring to was (got eaten up by this editor): <IfModule mod_ssl.c>

  3. Thanks Man.
    I was working on the same problem since last 4 days. But cant derive the solution. But your post has done it.
    Nice work..
    Keep it up.

  4. I am having a problem with ubuntu dapper php5 and apache2 ssl. php pages work fine over http but I get a blank page with https, no error message in logs.
    Other https pages seem fine. Any ideas?

  5. I have installed Debian and apache server and php.
    When I am connecting to apache server shows following:
    Warning: Unknown: failed to open stream: Permission denied in Unknown on line 0

    Fatal error: Unknown: Failed opening required ‘/var/www/index.php’ (include_path=’.:/usr/share/php5′) in Unknown on line 0

    Where is problem ?I am beginner.
    Can we help me please ?
    Thanks a lot
    Pavol

  6. I get the error given below in Firefox despite following steps given above.

    (Error code: sec_error_untrusted_issuer)

    I am using Ubuntu 8.04 with Apache2 and php5. I do not get this error in Internet Explorer.

  7. sorry, but these hints are totally outdated and should be corrected.

    read /usr/share/doc/apache2.2-common/README.Debian.gz instead and follow those few steps. it’s very easy.

  8. You don’t need to edit any files to have support of ssl. Just input

    a2ensite default-ssl

    command nad you are done.

  9. Refer the command line:

    #openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem

    It states that the certificate and the private key is to be written to the same file. Is this the case ?

  10. Thanks a million for this article :).

 Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>