Apache-ssl
apache-ssl docs:
http://mars.post1.com/home/ngps/m2/howto.ca.html
Installed apache-ssl from ports, edited the config file located at:
/usr/local/etc/apache/httpsd.conf
For now just providing basic service, until I get the website data itself migrated from the old server.
Created a startup script in /usr/local/etc/rc.d. Don't forget to make it executable :)
#!/bin/sh - # # initialization/shutdown script for apache-ssl case "$1" in start) /usr/local/sbin/httpsdctl start && echo -n ' apache-ssl' ;; stop) /usr/local/sbin/httpsdctl stop && echo -n ' apache-ssl' ;; *) echo "unknown option: $1 - should be 'start' or 'stop'" >&2 ;; esac
I have finished rsyncing the websites up; next step is to get php and mysql happy, then migrate the config files.
SSL Certificates: I'm creating my own. Screw the man.
Configure the main apache config file by customizing defaults. Items of interest include default log paths, and the following related to SSL:
SSLDisable SSLCacheServerPath /usr/local/sbin/gcache SSLCacheServerPort /var/log/httpsd/gcache_port SSLCacheServerRunDir /var/tmp SSLSessionCacheTimeout 300 SSLCACertificateFile /usr/local/etc/apache/CA/cacert.pem SSLCertificateFile /usr/local/etc/apache/CA/server_cert.pem SSLCertificateKeyFile /usr/local/etc/apache/CA/server_key.pem
Add Listen and NameVirtualHost directives as needed. In this example, both names point to 1.2.3.4
Listen 1.2.3.4:80 Listen 1.2.3.4:443
NameVirtualHost www.domain.com:80 NameVirtualHost secure.domain.com:443
I like to put my vhost configs into their own files, so at the end of the main config file:
Include /usr/local/etc/apache/vhosts/*.conf
Here is a sample vhost block. If this was to be an SSL enabled site, we would use 443 instead of 80 and add the SSLEnable directive.
<VirtualHost www.domain.com:80> ServerAdmin you@domain.com DocumentRoot /home/websites/hotstuff ServerName www.domain.com ServerAlias domain.com ErrorLog /var/log/httpsd/hotstuff-error.log CustomLog /var/log/httpsd/hotstuff-access.log combined <Directory "/home/websites/meta"> Options Indexes -FollowSymLinks MultiViews AllowOverride None Order allow,deny Allow from all </Directory> </VirtualHost>
Perhaps someday I'll do apache2: http://www.openna.com/documentations/articles/apache/index.php
back to meta