Add custom certificates to Apache

Introduction

In numerous cases you want to enable https on a webserver like Apache. So I decided a once and for all documentation for it.

Configuration

a2enmod ssl
a2enmod rewrite
systemctl restart apache2

Edit the Apache configurationf file /etc/apache2/apache2.conf

Add at the end:

<Directory /var/www/html>
         AllowOverride All
</Directory>

Edit the Apache configuration file for the default website: /etc/apache2/sites-enabled/000-default.conf

<VirtualHost *:443>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLEngine on
        SSLCertificateFile /var/lib/zentyal/conf/ssl/ssl.cert
        SSLCertificateKeyFile /var/lib/zentyal/conf/ssl/ssl.key

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
</VirtualHost>

You have to add the lines 22, 23 and 24. I use the same certificate all over the system, so I point to already existing certificates.

Restart the service:

service apache2 restart

You might want to insert this at the beginning of the file:

<VirtualHost *:80>
        RewriteEngine On
        RewriteCond %{HTTPS} !=on
        RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
</virtualhost>

Useful links

https://techexpert.tips/apache/enable-https-apache/

Set system time automatically

Set correct Timezone

Flush DNS Cache Unbuntu

Start / Stop /Restart BIND DNS Server

Hardening of Linux

Tutorial on ufw

Fix Error fwupd-refresh

Enable ssh login with a public key

Mount SAMBA shares

Check for open ports

Network browsing not working

Display IP address on Panel in Xfce

Biometrics: Fingerprint

Disable SELinux on Fedora

Create boot USB

Install PVE-VDIClient on Arch Linux

Install network scanner on Archlinux

Install xrdp

Install Cockpit and Firewalld on Debian 12

Install xrdp on Fedora 42

Install send mail service on Fedora

How to Disable SIP

Boot into recovery mode

MacOS - Flush DNS Cache

MacOS - Privacy hint / OCSP patch

Map a shared drive on MacOS

PVE - VM does not stop

PVE - No quorum error

PVE - Can't lock file

Installation of Thunderbird

Add Microsoft Outlook Account/Teams to Thunderbird

Webflow User Guide

Add custom certificates to Apache

Introduction

Configuration

Useful links

No Comments