After getting Apache running on Ubuntu, I also got Apache running in CentOS 6.3. This went as smoothly as it did on Ubuntu. The following are the steps I took to get it running. As usual, CentOS was installed as a VM under VMWare player.
Unlike with Ubuntu, Apache comes pre-installed on CentOS and so all that was required to get it running was to start the httpd daemon and configure it to start when the server is booted:
# /etc/init.d/httpd start # chkconfig --levels 235 httpd on
To implement SSL, the same steps as under Ubuntu were required. First I installed OpenSSL and generated the key and self signed certificate:
# yum install mod_ssl openssl # openssl genrsa -out ca.key 2048 # openssl req -new -key ca.key -out ca.csr # openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
Of course for a real web site, the contents of the csr file is sent to a Certificate provider (Verisign, GeoTrust, etc.) who would then return the certificate to be included in the ca.crt file. The steps below are then followed as shown.
I then moved the files to the correct location:
# cp ca.crt /etc/pki/tls/certs # cp ca.key /etc/pki/tls/private/ca.key # cp ca.csr /etc/pki/tls/private/ca.csr
Edited ssl.conf and updated the following two lines with the new key and certificate:
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
I then restarted httpd. This allowed the local browser to access the web page via SSL http worked with ipv6 without any special configuration. https had issues because the browser could not “obtain identification status for the site.” and therefore would not allow me to add the exception. I fixed this by adding an entry in the /etc/hosts file with a name that matched the certificate:
192.168.239.138 www.ssltest.com fdc1:b20c:c011:1:20c:29ff:fe1d:635f www6.ssltest.com
Finally, I created a test index file under: /var/www/html/vhosts/ssltest.com/httpdocs and edited /etc/httpd/conf/httpd.conf to have a virtual host www.ssltest.com:
NameVirtualHost *:80 NameVirtualHost *:443 <VirtualHost *:80> DocumentRoot /var/www/html ServerName www.localhost.com ErrorLog logs/ssltest.com-error_log </VirtualHost> <VirtualHost *:80> DocumentRoot /var/www/html/vhosts/ssltest.com/httpdocs ServerName www.ssltest.com ErrorLog logs/ssltest.com-error_log </VirtualHost> <VirtualHost *:80> DocumentRoot /var/www/html/vhosts/ssltest.com/httpdocs ServerName www6.ssltest.com ErrorLog logs/ssltest.com-error_log </VirtualHost> <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key DocumentRoot /var/www/html ServerName www.localhost.com ErrorLog logs/ssltest.com-error_log </VirtualHost> <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key DocumentRoot /var/www/html/vhosts/ssltest.com/httpdocs ServerName www.ssltest.com ErrorLog logs/ssltest.com-error_log </VirtualHost> <VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key DocumentRoot /var/www/html/vhosts/ssltest.com/httpdocs ServerName www6.ssltest.com ErrorLog logs/ssltest.com-error_log </VirtualHost>
The first virtual host was added as the default page to answer requests directed to the ip address (for example Error:404 or some such thing. The error page was placed in the default html directory. I also added both host entries to my Windows7 workstation and everything worked as expected.