Virtual Host and SSL Virtual Hosting

Virtual hosting is a method for hosting multiple domain names on a server using a single IP address. This allows one server to share its resources, such as memory and processor cycles, in order to use its resources more efficiently.

What is SSL and what are Certificates?

The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers.

1) A browser requests a secure page (usually https://).

2)The web server sends its public key with its certificate.

3) Encryptions and decryption are performed at webserver and browser using keys.

Requirements:

Make sure your apache is installed along with openssl

#apt-get unstall apache2

#apt-get install openssl

Creating SSL certificate

you can create certificate any where and then put it in required directory, but it is a good practice to create them in your apache web director .

lets create a directory ‘ssl’

# mkdir /etc/apache2/sites-available/ ssl

#cd /etc/apache2/sites-available/ssl

#openssl genrsa -des3 -out server.key 4096

After this command, enter the passcode. You have created a ‘key’ file.

Now, using this file , you will create ‘csr’ file, here

#openssl req -new -key server.key -out server.csr

Enter pass code, and fill out the necessary information.
Now, using ‘csr’ file you will create your certificate ‘crt’,

#openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Now copy both files in:

cp server.crt /etc/ssl/certs
cp server.key /etc/ssl/private

Your SSL credentials are completed and you will have to put these path in your virtual host configuration at port 443.

——————————————————————————————————————————————————————

Creating Virtual Hosts

Lets create a virtual host with name nextbridge.com, assuming your web pages associated with nextbridge.com are placed in /var/www/nextbridge/

1)  Create file nextbridge.com in /etc/apache2/site-available/

vi /etc/apache2/site-avaiable/nextbridge.com

2)  Copy and paste the following text:

<VirtualHost nextbridge.com:80> # virtual host nextbridge.com on port 80
ServerAdmin yourname@localhost
DocumentRoot /var/www/nextbridge/ # source web file directory
ServerAlias nextbridge.com
</VirtualHost>

 
 
<VirtualHost nextbridge.com:443> # virtual host nextbridge.com on port 443 : when accessed through https://# virtual host nextbridge.com
ServerAdmin yourname@localhost
DocumentRoot var/www/nextbridge/
ServerAlias nextbridge.com
SSLEngine on #SSL credentials
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
</VirtualHost>
 

3) Enable this site with apache

#a2ensite nextbridge.com

4) Restart your apache and enter passcode.

#/etc/init.d/apache restart

Advertisements