I don't have a tutorial handy, but maybe you can write one afterwards
Originally Posted by aysiu
Essentially, it's the same as the tutorials you find about https with self-signed certs/private PKI, minus all the hasle to create the certificates. It's just that you have to know where the PKI stuff ends and the webserver config begins. I think that's your problem.
Mostly from memory so possibly incomplete but it'll get you started and there's bound to be people here who can fill in the gaps :
Asuming Ubuntu server and apache :
- enable apache ssl module - get certificates from a CA
- copy the certificates to your webserver.
where should you put them ? I've seen documentation that says /etc/ssl/certs and /etc/ssl/private or something, and other that says /etc/apache2/ssl
if you're just doing web, I'd go with /etc/apache2/ssl
- create a suitable virtual host definition, eg by editing /etc/apache2/sites-available/default-ssl
comment out or delete the part that references the certificates, and replace those with the paths and filenames of your certs (the ones you copied in the previous step)
This is the tricky part : depending on what certificates you got, you may also need to describe tho whole "chain of trust" with
It's likely the CA that supplied your certificates has more detailed instructions on this.
SSLCertificateChainFile /etc/ ... /some_intermediate_cert
The Centos tutorial may be of help too - this is not going to differ significantly between distros, it's just a matter telling apache where to find the files
-enable the default https site (or the one you created) :
- restart apache
obviously, all of this is work for root, so you need to "sudo" all the commands.
service apache2 restart