October 1st, 2007 ··· andarius

Slackware httpd with SSL is rather easy to set up. It is not however an automatic process. Note that this will not give you official certs. These are not good for things like banking and such. The steps below will however give you a set of unique self-signed certs that will help keep things a bit more solid.

First edit your /etc/httpd/httpd.conf file accordingly.

#LoadModule ssl_module lib/httpd/modules/mod_ssl.so	 <-- Uncomment
ServerAdmin you@example.com				 <-- should reflect your email
#Include /etc/httpd/extra/httpd-ssl.conf		 <-- Uncomment

Generate the keys you need. The following 3 steps will accomplish in order: Create the key and request, Remove the passphrase from the key, Convert the request into a signed cert:

openssl req -new -out server.csr
openssl rsa -in privkey.pem -out server.key
openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365

Move them into place:

cp new.cert.cert /etc/httpd/server.crt
cp new.cert.key /etc/httpd/server.key

If you want httpd to start at boot make sure /etc/rc.d/rc.httpd is +x:

chmod +x /etc/rc.d/rc.httpd

Start the server:

/etc/rc.d/rc.httpd start

Point your browser at it:

http://localhost <-- or the IP if you are checking from a remote machine

If all is well copy your config files and keys somewhere safe. Of course change the below to match your backup location:

cp /etc/httpd/httpd.conf /media/caddy/backup
cp /etc/httpd/server.crt /meia/caddy/backup
cp /etc/httpd/server.key /media/caddy/backup

If you edited /etc/httpd/extra/httpd-ssl.conf you should back it up as well. It is not needed for a simple setup to edit those so they are left out here.

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website