Friday, July 6, 2018

Configure EC2 Instance Apache Web Server on Amazon Linux 2 to Use SSL/TLS

step: 1

[ec2-user~] sudo yum update -y

Now that Your Instance is current , add SSL/TLS suppport by installing the Apache Module mod_ssl


Pre-Request

Configure your security group to allow your instance to accept connections on the following TCP ports:

SSH (port 22)
HTTP (port 80)
HTTPS (port 443


CentOS-7.X 

[ec2-user ~]$ sudo systemctl is-enabled httpd
sudo systemctl start httpd && sudo systemctl enable httpd

CentOS-6.X

Step 2

sudo yum install mod24_ssl

It have been installed mod_ssl TO configure an Modssl

The configuration file for mod_ssl. It contains "directives" telling Apache where to find encryption keys and certificates


Copy your existing SSL certificate to below mentioned path .

/etc/pki/tls/certs/example_domainname_com-ca.crt
/etc/pki/tls/private/example_domainname_com.key
/etc/pki/tls/certs/example_domainname_com.crt

/etc/httpd/conf.d/example.domainname.com.conf
<VirtualHost *:80>
    ServerName example.domainname.com
    DocumentRoot /var/www/vhosts/example.domainname.com/public_html

    CustomLog /var/www/vhosts/example.domainname.com/statistics/logs/access_log combined
    ErrorLog  /var/www/vhosts/example.domainname.com/statistics/logs/error_log

    <Directory /var/www/vhosts/example.domainname.com/public_html>
        Options -Includes +FollowSymLinks +MultiViews
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <IfModule mod_jk.c>
       JkMount /* myworker
    </IfModule>
</VirtualHost>

<VirtualHost *:443>
            ServerName example.domainname.com
            ServerAlias www.example.domainname.com
            DocumentRoot /var/www/vhosts/example.domainname.com/public_html
        SSLEngine ON
        SSLCACertificateFile /etc/pki/tls/certs/example_domainname_com-ca.crt
        SSLCertificateKeyFile /etc/pki/tls/private/example_domainname_com.key
        SSLCertificateFile /etc/pki/tls/certs/example_domainname_com.crt
            CustomLog /var/www/vhosts/example.domainname.com/statistics/logs/access_ssl_log combined
            ErrorLog  /var/www/vhosts/example.domainname.com/statistics/logs/error_ssl_log

            <Directory /var/www/vhosts/example.domainname.com/public_html>
                Options -Includes +FollowSymLinks +MultiViews
                AllowOverride All
                Order allow,deny
                Allow from all
            </Directory>
        </VirtualHost>


Once the configuration file completed

Step:3

execute the below command to reflect

httpd -t

/etc/init.d/httpd restart

That it enjoy the SSL installation experience !!!

No comments:

Post a Comment