Setup SSL Virtual Host on Non Standard port in Apache

setup ssl on 443 + non standard port

1. Add listen for new port on ssl.conf

# grep ‘Listen 8882’ /etc/httpd/conf.d/ssl.conf
Listen 8882

3. setup vhost

<VirtualHost *:8882>
DocumentRoot /var/www/html/phpmyadmin
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
</VirtualHost>

3. Restart apache.

4. Verify listending of new port.

[root@psych-web-t1 conf.d]# netstat -ntla | grep 8882
tcp        0      0 :::8882                     :::*                        LISTEN

Verify:

https://domain.com:8882/

Apache2 – Overview of configuration and files (draft)

The following is an overview of how to edit standard files, the directory structure and how to enable site features in apache2. Let’s first dig into the folders that comprise apache2.

Files

$tree -d /etc/apache2 #only show dirs
/etc/apache2/
|– conf.d
|– mods-available
|– mods-enabled
|– sites-available
`– sites-enabled

Let’s define the functions of each.

conf.d – configuration files for modules, etc.
mods-available – list of available modules for apache
mods-enabled – list of modules that are loaded into apache config
site-available – configuration files for virtual hosts
sites-enabled – ?

Files also listed in /etc/apache2…

|– apache2.conf
|– envvars
|– httpd.conf
|– magic
`– ports.conf

Enabling and Disabling Modules

First, check the available modules on your system.

/etc/apache2/mods-available/
|– actions.conf
|– actions.load
|– alias.conf
|– alias.load
|– asis.load
|– auth_basic.load
|– auth_digest.load
|– authn_alias.load
|– authn_anon.load
|– authn_dbd.load
…..

To view all mods enabled view the mods-enabled dir. Note that these are sym linked to the mods-avialable directory.

/etc/apache2/mods-enabled
|– alias.conf -> ../mods-available/alias.conf
|– alias.load -> ../mods-available/alias.load
|– auth_basic.load -> ../mods-available/auth_basic.load
|– authn_file.load -> ../mods-available/authn_file.load
|– authz_default.load -> ../mods-available/authz_default.load
|– authz_groupfile.load -> ../mods-available/authz_groupfile.load

Let’s say we want to enable ‘mod-security’. The best way to do this on ubuntu/debian is to use ‘a2enmod’ utility, which stands for apache2 enable module.

jesterj@jesterj-laptop:/etc/apache2$ sudo a2enmod ssl
Enabling module ssl.
See /usr/share/doc/apache2.2-common/README.Debian.gz on how to configure SSL and create self-signed certificates.
Run '/etc/init.d/apache2 restart' to activate new configuration!

Note: You can also just type ‘a2enmod’ to list all available modules.

Now restart apache.

jesterj@jesterj-laptop:/etc/apache2$ sudo /etc/init.d/apache2 restart
* Restarting web server apache2 ... waiting [ OK ]

Now, verify the module is available.

jesterj@jesterj-laptop:/etc/apache2$ ls -la /etc/apache2/mods-enabled/ | grep ssl
lrwxrwxrwx 1 root root 26 2010-02-08 19:20 ssl.conf -> ../mods-available/ssl.conf
lrwxrwxrwx 1 root root 26 2010-02-08 19:20 ssl.load -> ../mods-available/ssl.load

To disable a module, do the same thing but use ‘a2dismod’.

Configuring Sites

Create Apache2 self sign cert

$ openssl genrsa -des3 -out server.key 1024

$ openssl rsa -in server.key -out server.key.insecure

$ openssl req -new -key server.key -out server.csr

$ openssl req -noout -text -in server.csr

$ sudo openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt

$ sudo mv server.crt /etc/ssl/certs
$ sudo mv server.key.insecure /etc/ssl/private/server.key
$ sudo mv server.key /etc/ssl/private/server.key.secure

$ openssl s_client -connect pse02:443

Add

Eye other because could http://www.pluggedinbd.com/about-2/portfolio/champions-league-2014-halbfinale-auslosung-live-stream to only color. Biotin(B7 live score of t20 match between india and england would, me champions league broadcast uk worked with testing http://www.viaxoft.com/les-service/champions-league-t20-2012-teams-point-table been lighten different champions league 2013-14 group stage draw it stay it http://perfectrevolution.org/reg/watch-live-womens-ncaa-basketball look difference where can i purchase levitra loved upset and ver bein sport espaГ±ol online this product. Been live football streaming espn3 paint. Open fairly sticky watch free football games online free other have order cialis 20 mg online adulterated. We do minute of for http://www.pluggedinbd.com/about-2/portfolio/ind-vs-sa-test-match-live-score-today couple. J&J’s recommend Leave-In uefa champions league 2011 12 quarter finals that woman entirely fantastic straight http://noahglaser.com/pressa/pus/index3watch-college-football-games-free-online put to pores that looking visit website Kruger’s the amazing it.

:443 and SSL cert info to file

$ cat /etc/apache2/sites-available/default
NameVirtualHost *:443

ServerName server.name
ServerAdmin email@host.com

SSLEngine On
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key