How to install ssl certs in jump server [secure connection] ?
How to Create a SSL Certificate on ezeelogin jump server Apache for CentOS 6 /Centos 7/Centos 8 ?
Overview: This article covers creating SSL certificates on Ezeelogin jump servers by installing necessary packages, creating directories for storing keys and certificates, generating self-signed certificates, and configuring Apache virtual hosts. This ensures secure HTTPS connections on CentOS and Ubuntu/Debian systems.
Step 1. Install Mod SSL
root@gateway :~# yum install mod_ssl openssl
Step 2. Create a New Directory
we need to create a new directory where we will store the server key and certificate
root@gateway : ~# mkdir /etc/httpd/ssl
When we request a new certificate, we can specify how long the certificate should remain valid by changing the 365 to the number of days we prefer. As it stands this certificate will expire after one year.
root@gateway:~# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/apache.key -out /etc/httpd/ssl/apache.crt
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State] :New York
Locality Name (eg, city) [] :NYC
Organization Name (eg, company) [Internet Widgits Pty Ltd] :Awesome Inc
Organizational Unit Name (eg, section) [] :Dept of Merriment
Common Name (e.g. server FQDN or YOUR name) []:example.com
Email Address []:[email protected]
-----
root@jumpserver:~# vi /etc/httpd/conf.d/ssl.conf
#uncomment & Replace the example.com with your domain
ServerName example.com:443
DocumentRoot "/var/www/html"
ServerName www.example.com:443
Find the following three lines, and make sure that they match the extensions below:
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/apache.crt
SSLCertificateKeyFile /etc/httpd/ssl/apache.key
Your virtual host is now all set up! Save and Exit.
Restart Apache
systemctl restart httpd
How to Create a SSL Certificate on jump server Apache for Ubuntu 16 /Ubuntu 18/ Ubuntu 20/ Ubuntu 22/ Debian9/ Debian10 ?
Step 1. Install Apache2
Step 2. Create a New Directory
we need to create a new directory where we will store the server key and certificate
Step 3. Create a Self Signed Certificate
When we request a new certificate, we can specify how long the certificate should remain valid by changing the 365 to the number of days we prefer. As it stands this certificate will expire after one year.
Before we go any further, let's back up the original SSL Virtual Host file:
root@jumphost:~# cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak
Now, open the SSL Virtual Host file to make adjustments:
root@jumphost:~# nano /etc/apache2/sites-available/default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin [email protected]
ServerName server_domain_or_IP
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
</IfModule>
root@jumphost:~# a2enmod ssl
root@jumphost:~# a2ensite default-ssl
root@jumpserver:~# systemctl restart apache2