Apache2 + SSL sample configuration

Configuration simple et rapide pour utiliser apache en mode HTTPS

mkdir /etc/apache2/ssl.crt

# génération d'un certificat
openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/ssl.crt/apache.cert -keyout /etc/apache2/ssl.crt/apache.key

chmod 600 /etc/apache2/ssl.crt/apache.cert /etc/apache2/ssl.crt/apache.key

a2enmod ssl

rm /etc/apache2/sites-enabled/000-default
wget /uploads/apache/ssl -O /etc/apache2/sites-enabled/ssl

/etc/init.d/apache2 restart

Fichier de conf: /etc/apache2/sites-enabled/ssl

ServerName httpserver

ServerSignature Off
ServerTokens Prod

# Force https
<VirtualHost *:80>
        RewriteEngine on
        ReWriteCond %{SERVER_PORT} !^443$
        RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>

<VirtualHost *:443>

        DocumentRoot /var/www
       
        <Directory />
            Order deny,allow
            Deny from all
            Options None
            AllowOverride None
        </Directory>
       
        <Directory /var/www/>
            Options -ExecCGI -Indexes FollowSymLinks
            AllowOverride All
            Order allow,deny
            allow from all
        </Directory>

        SSLEngine on
        SSLCertificateFile    /etc/apache2/ssl.crt/apache.cert
        SSLCertificateKeyFile /etc/apache2/ssl.crt/apache.key
        # SSLCACertificateFile  /etc/apache2/ssl.crt/apache.chain
       
        # Deny hidden files
        <Files ~ "^\.">
            Order allow,deny
            Deny from all
            Satisfy All
        </Files>
        # Deny hidden folders / files
        RedirectMatch 403 /\..*$
       
        AddDefaultCharset UTF-8

        ErrorLog ${APACHE_LOG_DIR}/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>