HTTP Server: Apache 2.4

SSL Support (HTTPS)

by ross at 03:19:26 on August 2, 2014

Edit httpd.conf, find "Listen 80" and change to:

Listen 443
Listen 80

Uncomment the following modules:

LoadModule socache_shmcb_module libexec/apache24/
LoadModule ssl_module libexec/apache24/

Create apache24/modules.d/100_mod_ssl.conf:

<IfModule ssl_module>
    SSLEngine off
    SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
    SSLPassPhraseDialog  builtin
    SSLSessionCache        "shmcb:/var/run/ssl_scache(512000)"
    SSLSessionCacheTimeout  300

    <FilesMatch "\.(cgi|fcgi|php|phtml|inc)$">
        SSLOptions +StdEnvVars

    BrowserMatch "MSIE [2-5]" \
             nokeepalive ssl-unclean-shutdown \
             downgrade-1.0 force-response-1.0

Virtual hosts

<VirtualHost *:443>

    # ... absolutely the same stuff as in *:80 vhost goes here ...

    SSLEngine on
    # You need to specify the certificate and the key:
    SSLCertificateFile "/etc/certs/"
    SSLCertificateKeyFile "/etc/certs/"

If self-signed certificate is enough for you, then you can generate one using this guide.