Chapter 9. Configuring httpd for SSL connections

Procedure 9.1. To configure httpd for ssl connections:

1. Install mod_ssl using the following command:

   # rpm -qa | grep mod_ssl

   Copy to Clipboard Toggle word wrap
2. Edit the HTTPD_HOME/conf.d/ssl.conf file and add ServerName, SSLCertificateFile, and SSLCertificateKeyFile

    Example SSL configuration
       <VirtualHost _default_:443>
   #ServerName www.example.com:443
   SSLCertificateFile /etc/pki/tls/certs/localhost.crt
   SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
   

   Copy to Clipboard Toggle word wrap
   1. ServerName must match the Common Name (CN) of the SSL certificate. If the ServerName does not match the CN, the client browsers display a message "domain mismatch".
   2. The SSLCertificateFile is the private key associate with the certificate (the public key).
   3. Verify that the Listen directive in the ssl.conf file is correct as per your setup. For example, if an IP address is specified, it must match the IP address the httpd service is bound to.
3. Restart httpd using the following command:

   # service httpd restart

   Copy to Clipboard Toggle word wrap