Published December 22, 2017 by

Configure SSL in Apache Linux and Auto Redirect HTTP to HTTPS

Configure Apache

In order to configure SSL, you will need to ensure that the Apache mod_ssl module is installed on your system. You can do so by running the following command:

# yum install mod_ssl

Edit the virtual host entries in the /etc/httpd/conf.d/ssl.conf file to include the certificate files and virtual host information that should be used by each domain. For each virtual host, replicate the configuration shown below. Replace each mention of www.serverkaka.com with your own domain.
File excerpt: /etc/httpd/conf.d/ssl.conf

<VirtualHost *:443>
ServerName www.serverkaka.com
DocumentRoot /var/www/html/

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

SSLEngine On
SSLCertificateFile /etc/httpd/certs/serverkaka.com.crt
SSLCertificateKeyFile /etc/httpd/certs/serverkaka.com.key
SSLCACertificateFile /etc/httpd/certs/serverkaka.com-int.crt

SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

Restart Apache

# service httpd restart

Test Your Configuration

 Test your SSL configuration chain using this link.


Auto Redirect HTTP to HTTPS

Edit the virtual host entries in the /etc/httpd/conf/httpd.conf. Replace each mention of www.serverkaka.com with your own domain.
File excerpt: /etc/httpd/conf/httpd.conf

<VirtualHost *:80>

 RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]

</VirtualHost>

OR

You can simply set Redirect Permanent Rule

<VirtualHost *:80>

 <Location />
Redirect permanent / https://www.serverkaka.com/
</Location>

</VirtualHost>

Step 3: Restart Apache

# service httpd restart

, , , ,