SSL on Apache HTTP Server

Question

I have 2 crt files for Apache server:

• 1_root_bundle.crt
• 2_my_domain_name.com.crt

And other bundle:

• 1_Intermediate.crt
<

Answer 1

1) Install Apache HTTP Server, mod_ssl

2) Configure httpd

Remember to disable SSLv2 and SSLv3, because they are vulnerable.

  # Toggle on the SSL/TLS Protocol Engine
  SSLEngine On
  # The signed certificate of the server
  SSLCertificateFile /etc/pki/tls/myserver/myserver.crt
  # The private key of the server
  SSLCertificateKeyFile /etc/pki/tls/myserver/myserver.key
  # The intermediate_certificate of the server
  SSLCertificateChainFile /etc/pki/tls/myserver/tls-ca-chain.pem

  # Accept only strong encryption
  SSLProtocol             all -SSLv2 -SSLv3
  SSLCipherSuite           HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
  SSLHonorCipherOrder     on

3) Check the permissions on the certificate files.

UPD: How to create a key and certificate signing request in one step:

openssl req -new -newkey rsa:2048 -nodes -keyout myserver.key -out myserver.csr

Next you have to send this csr file to one of the certificate authorities. They will send back your signed certificate, and the intermediate certificate(s).

You can also create a self-signed certificate.