Power up with new SaaS Add-Ons from the DigitalOcean Marketplace

Question

Setting up ssl on apache2 for https on ubuntu 12.4 Droplet

  • Posted April 15, 2014

Background: Confused virtual server vs non-vertual server My http LAMP is up and running fine. I did get certificates from StartSSL!

  1. Did you edit your Apache2 httpd.conf or ssl.conf file fror SSL server on Ubuntu 12.4 droplet?

  2. Can you give me an example of your exact addition to the file for Ubuntu 12.4 you made like this example from SartSSL: https://www.startssl.com/?app=21

  3. Ubuntu dose not use /usr/local/apache can you tell me what you used?

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

These instructions came from StartSSL. https://www.startssl.com/?app=21 To configure a default SSL/TLS aware virtual server, you should add at least the following lines to your httpd.conf or ssl.conf file. I am not doing virtual servers just one website do you do it the same way regardless?

LoadModule ssl_module modules/mod_ssl.so

Listen 443

<VirtualHost default:443> DocumentRoot /home/httpd/private ErrorLog /usr/local/apache/logs/error_log TransferLog /usr/local/apache/logs/access_log SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

SSLCertificateFile /usr/local/apache/conf/ssl.crt SSLCertificateKeyFile /usr/local/apache/conf/ssl.key SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem CustomLog /usr/local/apache/logs/ssl_request_log
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x “%r” %b” </VirtualHost>

I know the basics of encryption and how it works but not how to install a Certificate on a server. Unfortunate it seems I need some had holding. Here is a list of the file name I got from StartSSL:

Files I have to work with I got from StartSSL: First three are exports from browser-client to get back into StartSSL site: Builtin Object Token:StartCom Certification AuthorityFiles I have to work with-first three are exports from browser-client certificates to get into StartSSL Builtin Object Token:StartCom Certification Authority Builtin Object Token:StartCom Certification Authority Builtin Object Token:StartCom Certification Authority G2

Others I got from signing up ssl.crt ssl.key Downloaded from install apachee instructions on the StartSSL site: https://www.startssl.com/?app=21 ca.pem sub.class1.server.ca.pem

Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Stephen HendersonApril 15, 2014

Thanks <br> <br>https://www.digitalocean.com/community/articles/how-to-set-up-apache-with-a-free-signed-ssl-certificate-on-a-vps <br> <br>This was what I was looking for. I was most of the way there signing @ StartSSL would have been easier if I had had this guide. <br> <br>I used the rest to set up Apache

Andrew SBApril 15, 2014

The lines: <br> <br>SSLCertificateFile /usr/local/apache/conf/ssl.crt <br>SSLCertificateKeyFile /usr/local/apache/conf/ssl.key <br>SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem <br> <br>assume you downloaded the files to those locations. Just replace them with the paths you really used. For instance if you put them in /etc/apache2/ it would look like: <br> <br>SSLCertificateFile /etc/apache2/ssl.crt <br>SSLCertificateKeyFile /etc/apache2/ssl.key <br>SSLCertificateChainFile /etc/apache2/sub.class1.server.ca.pem <br> <br>There’s a tutorial that should show you how to get your StartSSL cert working with Apache: <br> <br>https://www.digitalocean.com/community/articles/how-to-set-up-apache-with-a-free-signed-ssl-certificate-on-a-vps