FreeBSD 14
Sponsored Link

Apache httpd : SSL/TLS Setting2024/01/30


Configure SSL/TLS setting to use secure encrypt HTTPS connection.


Get SSL Certificate, refer to here.

[2] Enable SSL/TLS settings.
root@www:~ #
vi /usr/local/etc/apache24/httpd.conf
# line 92 : uncomment

LoadModule socache_shmcb_module libexec/apache24/
# line 148 : uncomment

LoadModule ssl_module libexec/apache24/
# line 526 : uncomment

Include etc/apache24/extra/httpd-ssl.conf
root@www:~ #
vi /usr/local/etc/apache24/extra/httpd-ssl.conf
# line 125, 126 : change to your server name and admin email

DocumentRoot "/usr/local/www/apache24/data"


ErrorLog "/var/log/httpd-error.log"
TransferLog "/var/log/httpd-access.log"
# line 144 : change to the certificate you got in [1]

# line 154 : change to the certificate you got in [1]

# line 165 : uncomment and change to the certificate you got in [1]

root@www:~ #
service apache24 reload

[3] If you'd like to set HTTP connection to redirect to HTTPS (Always on SSL/TLS), Set RewriteRule to each Host settings.
For example, if you set Virtual Hostings like the link here, Add RewriteRule like follows. Or It's possible to set RewriteRule in [.htaccess] not in [httpd.conf].
root@www:~ #
vi /usr/local/etc/apache24/httpd.conf
# line 181 : uncomment

LoadModule rewrite_module libexec/apache24/
root@www:~ #
vi /usr/local/etc/apache24/Includes/vhost.conf
<VirtualHost *:80>
    DocumentRoot /usr/local/www/apache24/data
    # add RewriteRule
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

root@www:~ #
service apache24 reload

[4] Verify to access to the test page from any client computer with Web browser via HTTPS.
Matched Content