SSL Configuration
-
Does anybody have an apache config for using self signed certs? I tried using the basic settings from the default-ssl.conf but apparently there is some conflict with the other settings in the i-doit config file and the HTTPS wasn't working after I enabled it and restarted apache. Any help would be appreciated, I'm not particularly good with Apache web servers.
-
(make a backup of your system and run all commands as root
Create new certificates and keys and refer to them later.
So you can at least create the hostname to match the certificate.
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/idoit-company-local.key -out /etc/ssl/certs/idoit-company-local.crtActivate SSL module of Apache
a2enmod sslAdjust Default SSL Configuration
Reasons for adjustment
- listen to all hostnames
- Correct Server Admin
- own logs for SSL connections
- Include your own generated certificates
- directory /var/www/html run all configurations to customize themselves
root@idoit:/etc/apache2/sites-available# git diff default-ssl.conf diff --git a/apache2/sites-available/default-ssl.conf b/apache2/sites-available/default-ssl.conf index 7e37a9c..00eb69a 100644 --- a/apache2/sites-available/default-ssl.conf +++ b/apache2/sites-available/default-ssl.conf @@ -1,6 +1,6 @@ <IfModule mod_ssl.c> - <VirtualHost _default_:443> - ServerAdmin webmaster@localhost + <VirtualHost *:443> + ServerAdmin admin@company.com DocumentRoot /var/www/html @@ -10,8 +10,9 @@ # modules, e.g. #LogLevel info ssl:warn - ErrorLog ${APACHE_LOG_DIR}/error.log - CustomLog ${APACHE_LOG_DIR}/access.log combined + ErrorLog ${APACHE_LOG_DIR}/error-ssl.log + CustomLog ${APACHE_LOG_DIR}/access-ssl.log combined + Loglevel warn # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to @@ -29,8 +30,8 @@ # /usr/share/doc/apache2/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. - SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem - SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key + SSLCertificateFile /etc/ssl/certs/idoit-company-local.crt + SSLCertificateKeyFile /etc/ssl/private/idoit-company-local.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the @@ -127,6 +128,10 @@ # BrowserMatch "MSIE [2-6]" \ # nokeepalive ssl-unclean-shutdown \ # downgrade-1.0 force-response-1.0 + <Directory /var/www/html> + AllowOverride All + Require all granted + </Directory> </VirtualHost> </IfModule>Activate Default SSL Configuration
a2ensite default-sslRestart Apache
systemctl restart apache2 -
@proofy may I ask you for your help? I've followed your guide on my Debian-based machine. On my machine, http works perfectly fine. As soon as I try to access my i-doit via https, I'm seeing a totally weird page which appears like that:
Any idea what this could be?
-
@Makorus-Makar I just started from scratch, it works now, thanks!
-
Hi @proofy & @all,
I'm experiencing the same problem. I tried your procedure on two different systems.
Ubuntu 20.04.1
I-doit itself and the following packages have been downloaded/installed by the i-doit-installer-script
PHP 7.4.3
Apache 2.4.41
MariaDB 15.1May I ask for your help? thx
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login