Setting up an SSL secured Webserver with CentOS

by | 7 Aug 2015 | CentOS, Linux, OS, PHP, Programming, Server, Technology | 0 comments

This guide will teach you how to configure and setup your own SSL certification on your CentOS web server.

1. Install required software

Use yum to get the following software if its not yet installed on your web server.

yum install mod_ssl openssl

2. Generate a self-signed certificate

The following steps guides you on how to generate your own self-signed certificate.

Generate private key

openssl genrsa -out ca.key 2048

Generate CSR

openssl req -new -key ca.key -out ca.csr

Generate self-signed key

openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

Copy the files to the respective locations

cp ca.crt /etc/pki/tls/certs

cp ca.key /etc/pki/tls/private/ca.key

cp ca.csr /etc/pki/tls/private/ca.csr

In cased you have moved the files and not copied them, use the following command to correct SELinux

restorecon -RvF /etc/pki

Update Apache SSL configuration file

sudo nano +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf

Modified the paths to match where the new Key is stored

SSLCertificateFile /etc/pki/tls/certs/ca.crt

Then set the correct path for Certification Key file

SSLCertificateKeyFile /etc/pki/tls/private/ca.key

Finally quit and save the file then restart Apache

sudo service httpd restart

3. Configure firewall

The last step to setting up your own SSL certificate is to configure the firewall to accept requests from port 443, which is used for SSL connections.

Command to accept port 443 requests

iptables -A INPUT -p tcp --dport 443 -j ACCEPT

Save ip table

/sbin/service iptables save

iptables -L -v

 

That’s it! Your web server is now configured and ready for SSL connections.

Feel free to drop me any questions you have at [email protected].

 

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Related Posts

BrowserGoogle ChromeProgrammingTechnology
[Google Chrome Developer Ti] Prevent Warning "Your connection is not private" from appearing 5
[Google Chrome Developer Tip] Prevent Warning “Your connection is not private” from appearing

[Google Chrome Developer Tip] Prevent Warning “Your connection is not private” from appearing

This is probably more applicable to web developers. Many times when we try to run a localhost site with https in our local environment to emulate the production environment as close as possible, we will always run into a Google Chrome warning message "Your...

AndroidAppleBrowserGoogle ChromeInternet ExplorerLinuxMicrosoft EdgeMobile PhonesMozilla FirefoxOSSafariTechnology
How to do a hard refresh for Chrome, Safari, Firefox, Internet Explorer or Edge in Windows & Mac?

How to do a hard refresh for Chrome, Safari, Firefox, Internet Explorer or Edge in Windows & Mac?

Browser Hard Refresh in Google Chrome, Safari, Mozilla Firefox, Internet Explorer and Microsoft Edge Sometimes just by refreshing your browser alone doesn't help in letting you see the latest changes of a website. Any web developers will know this best. So below...

Amazon Web Services (AWS)Elastic BeanstalkServer
Unable to delete AWS Elastic Beanstalk Environment "resource XX-XXXXXXX has a dependent object" - MervCodes
Unable to delete AWS Elastic Beanstalk Environment “resource XX-XXXXXXX has a dependent object”

Unable to delete AWS Elastic Beanstalk Environment “resource XX-XXXXXXX has a dependent object”

Unable to delete AWS Elastic Beanstalk Environment "resource XX-XXXXXXX has a dependent object" Problem You will usually get this error when you are trying to delete an Elastic Beanstalk environment. Solution As the message in the Events log states, the security...

DatabaseMagentoMySQLOpen SourcePHPPhpMyAdminTechnology
Magento 1.9 Fix for Sending Double Emails or Sending Email to Wrong Recipients

Magento 1.9 Fix for Sending Double Emails or Sending Email to Wrong Recipients

As we know, Magento uses a cron job system to send out email from core_email_queue table. There is an additional table called core_email_queue_recipients, which as the name states, will store all recipients for emails there. But these records do not get removed at...

ApacheCentOSLinuxOSServerTechnology
How to Setup Let's Encrypt FREE SSL Certificate on Centos 6 Apache using Certbot? | MervCodes
How to Setup Let’s Encrypt FREE SSL Certificate on Centos 6 Apache using Certbot?

How to Setup Let’s Encrypt FREE SSL Certificate on Centos 6 Apache using Certbot?

Having SSL on your website these days is important especially if you want your website to rank better on Google search, and that's when Let's Encrypt come into the picture. Let's Encrypt is a free, automated, and open certificate authority (CA), run for the...