Latest Entries »

Self Signed SSL Cert

Filed Under: Linux by Ben — Leave a comment
August 15, 2011

Okay, so recently I switched servers, departed from Lighttpd and started using Apache. So far, I’ve had little trouble, I’ve enjoyed just how basic it can be, and also adding virtual hosts is a lot cleaner than what I’ve used before. However recently I have had to face the challenge of setting us SSL on the server! I am capable of doing this in Lighttpd so here is how I did it in Apache! Please note than I am running on CentOS 5.6, the way I do things may be slightly different to you.

To begin with I recommend becoming root to save you some time of having to sudo everything. So pop in:

sudo su -

You should now be in your default directory! So, to begin with we need openssl and mod_ssl for Apache. To do this:

yum install mod_ssl openssl

The next step is to generate the private key, generate the CSR and finally generate the self signed key! Commands are listed below:

openssl genrsa -out cert.key 1024
openssl req -new -key cert.key -out cert.csr
openssl x509 -req -days 365 -in cert.csr -signkey cert.key -out cert.crt

Now we need to copy each of these files into their correct locations.

cp cert.crt /etc/pki/tls/certs
cp cert.key /etc/pki/tls/private/cert.key
cp cert.csr /etc/pki/tls/private/cert.csr

Now we need to update the Apache SSL configuration file, this is located here: /etc/httpd/conf.d/ssl.conf

vim +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf

Now we need to change the paths to match where your crt file is stored.

SSLCertificateFile /etc/pki/tls/certs/cert.crt

And the same for the key.

SSLCertificateKeyFile /etc/pki/tls/private/cert.key

Now exit vim (ctrl+c) and :x! Next restart Apache.

/etc/init.d/httpd restart

At this point this could be slightly different for you, however I am sure the same principle applies. I of course use virtual hosts configuration files so here is an example of how I set yachiru.net up.

<VirtualHost *:80>
  ServerName yachiru.net
  ServerAlias *.yachiru.net
  ServerAdmin solidarity@yachiru.net
  ErrorLog /var/log/httpd/yachiru.err
  CustomLog /var/log/httpd/yachiru.log combined
  DocumentRoot /home/yachiru/www
  <Directory "/home/yachiru/www">
    Order allow,deny
    Allow from all
  </Directory>
</VirtualHost>

<VirtualHost *:443>
  SSLEngine on
  SSlCertificateFile /etc/pki/tls/certs/cert.crt
  SSLCertificateKeyFile /etc/pki/tls/private/cert.key
  <Directory /home/yachiru/www>
    AllowOverride All
  </Directory>
  DocumentRoot /home/yachiru/www
  ServerName yachiru.net
</VirtualHost>

So simply edit your configuration file similarly to this, then restart Apache and you’re done.

Please note, that although this does create a secure connection, your browser WILL flag up that it has not be signed correctly. You can purchase ssl certificates through godaddy or verisign to stop this from happening.

Tags: , , , , ,
Comment

Problem…Not solved?

Filed Under: Linux by Ben — Leave a comment
July 31, 2011

So I’ve been looking into creating my own web hosting company, I am in desperate need of money and well, I’m not too bad with server management! However, I am deeply stuck with a few things. My first is MySQL and PHPMyAdmin. I am trying to get it so that a particular user can only see and use their own database. I have this problem that all of the one’s I’ve created as root and myself, everyone can see them and manipulate them. And my final problem is sendmail. I’m using the mail() function which directly interacts with sendmail and no matter how many times I try to fix the problem it comes back with “connection refused by host x”. I have google’d so much and I just can’t find a solution…

Can anyone help?

Update: Well, I installed some new software to my server (php software) and it’s able to send out confirmation emails perfectly, I don’t believe it’s my coding so it must be the fact that it’s trying to send mail to a signed email address. Further investigation needed. Also, no luck with MySQL just yet :(.

Tags: , , ,
Comment

My biggest problem…

Filed Under: Linux by Ben — Leave a comment
July 10, 2011

Finally solved!

Since I was in first school I’ve used Windows, I’ve used 95, 98, ME, XP and 7 and never really seen much reason to stray. Until now! Ubuntu 11.04 has recently been released sporting the new GUI, Unity. In this new edition it looks cleaner, performs faster and it’s a lot better than any distro I’ve used so far. I’m not sure if I’ll switch to ubuntu from CentOS just yet, but in terms of daily use, I love it. Obtaining software is quick and easy and navigating everything is so simple. And best of all, it hasn’t frozen/crashed/blue screened at all.

Take a look:

Ubuntu desktop

Much cleaner than Win7 I do believe :).

Tags: ,
Comment