How to install ssl certs in jump server [secure connection] ?
How to Create a SSL Certificate on ezeelogin jump server Apache for CentOS 6 /Centos 7/Centos 8 ?
Install Mod SSL
root@gateway :~# yum install mod_ssl openssl
Create a New Directory
we need to create a new directory where we will store the server key and certificate
root@gateway : ~# mkdir /etc/httpd/ssl
Create a Self Signed Certificate
When we request a new certificate, we can specify how long the certificate should remain valid by changing the 365 to the number of days we prefer. As it stands this certificate will expire after one year.
root@gateway:~# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/apache.key -out /etc/httpd/ssl/apache.crt
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State] :New York
Locality Name (eg, city) [] :NYC
Organization Name (eg, company) [Internet Widgits Pty Ltd] :Awesome Inc
Organizational Unit Name (eg, section) [] :Dept of Merriment
Common Name (e.g. server FQDN or YOUR name) []:example.com
Email Address []:[email protected]
-----
Open up the SSL config file:
root@jumpserver:~# vi /etc/httpd/conf.d/ssl.conf
Find the section that begins with <VirtualHost _default_:443> and Uncomment the DocumentRoot and ServerName line and replace example.com with your domain name or server IP address
#uncomment & Replace the example.com with your domain
ServerName example.com:443
DocumentRoot "/var/www/html"
ServerName www.example.com:443
Find the following three lines, and make sure that they match the extensions below:
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/apache.crt
SSLCertificateKeyFile /etc/httpd/ssl/apache.key
Your virtual host is now all set up! Save and Exit
Restart Apache
systemctl restart httpd
H ow to Create a SSL Certificate on jump server Apache for Ubuntu 16 /Ubuntu 18/ Ubuntu 20/ Debian9/ Debian10 ?
Install Apache2
Create a New Directory
we need to create a new directory where we will store the server key and certificate
Create a Self Signed Certificate
When we request a new certificate, we can specify how long the certificate should remain valid by changing the 365 to the number of days we prefer. As it stands this certificate will expire after one year.
/etc/apache2/sites-available/default-ssl.conf.he default Apache SSL Virtual Host file.
Before we go any further, let's back up the original SSL Virtual Host file:
root@jumphost:~# cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak
Now, open the SSL Virtual Host file to make adjustments:
root@jumphost:~# nano /etc/apache2/sites-available/default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin [email protected]
ServerName server_domain_or_IP
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
</IfModule>
root@jumphost:~# a2enmod ssl
root@jumphost:~# a2ensite default-ssl
root@jumpserver:~# systemctl restart apache2
