| Konsole |
| #mkdir /tmp/ssl_key #cd /tmp/ssl_key |
!Kemudian install openssl
| Konsole |
| #yum install openssl mod_ssl openssl |
!Generate private key
| Konsole |
| #openssl genrsa -out zipruz.key 1024 |
!Generate CSR
| Konsole |
| #openssl req -new -key zipruz.key -out zipruz.csr |
!Generate Self Signed Key
| Konsole |
| #openssl x509 -req -days 1000 -in zipruz.csr -signkey zipruz.key -out zipruz.crt |
!Pindahkan file2 sertifikat dan key ke folder lain
| Konsole |
| #cp zipruz.crt /etc/pki/tls/certs/ #cp zipruz.key /etc/pki/tls/private/ #cp zipruz.csr /etc/pki/tls/private/ |
!arahkan file apache ssl.conf ke file yang telah di generate tadi
| Konsole |
| #vi /etc/httpd/conf.d/ssl.conf SSLCertificateKeyFile /etc/pki/tls/private/ca.key SSLCertificateKeyFile /etc/pki/tls/private/ca.key |
!Edit file vhost pada webserver apache
| Konsole |
| <VirtualHost *:443> ServerAdmin admin@zipruz.web.id SSLCertificateFile "/etc/pki/tls/certs/ca.crt" SSLCertificateKeyFile "/etc/pki/tls/private/ca.key" DocumentRoot "/var/www/html/contoh" ServerName zipruz.web.id </VirtualHost> |
!Restart engine apache
| Konsole |
| #service httpd restart |
!tambahkan rule untuk port https pada firewall iptables
| Konsole |
| #iptables -A INPUT -p tcp –dport 443 -j ACCEPT #service iptables save #iptables -L -v |
No comments:
Post a Comment