Web Services: Configuring a Web Server for HTTPS on Apache

10 minutes
  • 2 Learning Objectives

About this Hands-on Lab

One of the first steps to securing any website should be to enable SSL encryption. Whether you sign your own certificate or purchase one from a third-party, the configuration is the same, and some steps are similar. This lab will allow you to practice and learn those steps and configurations.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Generate signing request and key, and sign the Certificate
  1. First, we should elevate to root:

    sudo -i
  2. Now we should navigate somewhere to store these certificates. We could just use the default location, but I prefer keeping the certificates with the application they’re protecting.

cd /etc/httpd/conf/
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

This will ask a lot of questions about where the certificate is being used. For a self-signed certificate in a temporary lab environment, just accept the default. In a production environment, you should fill all the information out.

  1. Now we sign the request:
    openssl x509 -req -in server.csr -signkey server.key -out server.crt

With that done, we need to set up Apache.

Configure Apache
  1. First, we should install the required module:

    yum install mod_ssl -y
  2. Edit the SSL configuration file to set the location of the SSLCertificateFile and SSLCertificateKeyFile:

    vim /etc/httpd/conf.d/ssl.conf
  3. Make sure we have an HTML file to serve:

    cd /var/www/html
    echo "This is SSL" > index.html
  4. Restart Apache:

    systemctl restart httpd
  5. Verify that everything is being served correctly:

    curl https://localhost
    curl https://localhost -k

Remember, the error you receive on the first curl is because we’re using a self-signed certificate. If that’s the only error (verified by the second curl), then you’ve completed the steps correctly, and you’re done!

Additional Resources

You've been tasked with setting up SSL on a new website. Create the signing request and key, generate the certificate, and configure Apache to use that certificate.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?