How to configure Apache web server (httpd) in CentOS 7 with HTTPS


Version: 1.0   20-09-2019

To know more about Apache: Visit here.

Minimum requirements:

1.       A server with CentOS 7 OS.
2.       An IP address -Private or Public - assigned to the server (Static).
3.       A client system to access the webserver.
4.       Corresponding DNS entries for name resolution.


Procedure to install and Configure Apache web Server.


·         Update the server with latest patches.

[root@server01 ~]# yum update -y

·         Install apache (https) package.

[root@server01 ~]# yum install httpd -y

·         Enable firewall rules for port 80 (http) and 443 (https).

[root@server01 ~]# firewall-cmd --permanent --add-port=80/tcp
[root@server01 ~]# firewall-cmd --permanent --add-port=443/tcp
[root@server01 ~]# firewall-cmd --reload

·         Disable SELinux.

Change SELinux option from SELINUX=enforcing to SELINUX=disabled
[root@server01 ~]# vim /etc/selinux/config
SELINUX=disabled
[root@server01 ~]# setenforce 0
[root@server01 ~]#

·         Enable httpd service to start during system reboot.

[root@server01 ~]# systemctl enable httpd

·         Start the apache (httpd) service in the system.

[root@server01 ~]# systemctl start httpd

·         Access the webpage for testing.

Use the link http://<IP_Address_of_your_server> or http://<hostname_of_your_server> from a client machine through a browser to access the web page and test the functionality of the apache service. The browser will take you to the default web page like below if the Apache setup is working as expected.



Now you can create a test page in Apache document root path which is /var/www/html directory by default and test it once again.

[root@server01 ~]# echo "This is a test page for my apache server" > /var/www/html/index.html

Access the web page once again with IP address or hostname as mentioned above to see whether the above content “This is a test page for my apache server” is reflecting over there in the browser. If everything works fine as expected, the web page will show the content as below.


Secure the HTTP service.

·         Install SSL

[root@server01 ~]# yum install  openssl mod_ssl -y

·         Create a Self-Signed Certificate.

[root@server01 ~]# openssl genrsa -out ca.key 2048
[root@server01 ~]# openssl req -new -key ca.key -out ca.csr
[root@server01 ~]# openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
[root@server01 ~]# cp ca.crt /etc/pki/tls/certs/
[root@server01 ~]# cp ca.key /etc/pki/tls/private/
[root@server01 ~]# cp ca.csr /etc/pki/tls/private/

·         Configure the service with Certificates

[root@server01 ~]# vim /etc/httpd/conf.d/ssl.conf

//** Find the section that begins with <VirtualHost _default_:443>. Uncomment the DocumentRoot and ServerName line and replace example.com with your server's IP address. **//

DocumentRoot "/var/www/html"
ServerName <IP Address of your server>:443

//** Next, find the SSLCertificateFile and SSLCertificateKeyFile lines and update them with the new location of the certificates. **//

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key

·         Save the configuration and Restart Apache service.

[root@server01 ~]# systemctl restart httpd

·         Test the service once again using URL https://<IP_Address_of_the_server> or https://<hostname_of_the_server> from the browser of your client system.


Other Useful Links:

  1. Apache Configuration - RHEL 7 & CentOS 7
  2. Primary DNS Configuration - RHEL6 & CentOS 6
  3. Apache with Open SSL (HTTPS) - RHEL7 & CentOS 7
  4. Host Name Configuration - RHEL 8, CentOS 8, RHEL 7 & CentOS 7

Comments

Post a Comment

Popular posts from this blog

AIX Firefox Installation

Overview           Mozilla Firefox for AIX is an Open Source Web Browser. It delivers helpful new features and continues to lead the way in on-line security. It implements technologies like the Gecko layout engine, and supports Web standards or draft standards like HTML, XHTML, XML, CSS, DOM, and many more . Version of Firefox Mozilla Firefox with version 3.5.13.1 can be installed in AIX 5.3 and later. Installation Procedure The following rpm s are the pre requisites for Firefox(64 bit). These packages will be available from the AIX Toolbox for Linux Applications CD/DVD. Before installing the prerequisites check the availability of 150MB free space on the /opt file system. atk-1.12.3-2.aix5.2.ppc.rpm cairo-1.8.8-1.aix5.2.ppc.rpm expat-2.0.1-1.aix5.2.ppc.rpm fontconfig-2.4.2-1.aix5.2.ppc.rpm freetype2-2.3.9-1.aix5.2.ppc.rpm gettext-0.10.40-6.aix5.1.ppc.rpm glib2-2.12.4-2.aix5.2.ppc.rpm gtk2-2.10.6-4.aix5.2.ppc.rpm libjpeg-6b-6.aix5.1.ppc.rpm libpng
Read more

How to increase swap size on CentOS 8 / RHEL 8

Swap space is the second type of memory in modern Linux systems. The primary function of swap space is to substitute disk space for RAM memory when real RAM fills up and more space is needed. Linux uses swap space to increase the amount of virtual memory available to a host. It can use one or more dedicated swap partitions or a swap file on a regular filesystem or logical volume. Now we are going to check: •              Current swap space in the system. •              How to identify swap volumes in the system. •              How to increase the size of swap volume. •              How to add one more swap device to system. This documentation is based on the test done in a CentOS 4.18.0-80.el8.x86_64 machine. The same procedure can be applied on RHEL 8 as well. We follow the LVM method to manage the volumes here though a normal partition also can be used for swap. We will see both the options here when we add another device as a swap volume. How to check the cu
Read more

AIX Commands

Usefull Commands for AIX =================== bootinfo –r     shows available RAM in KB lsattr –E l sys0 –a realmem    shows available RAM in KB rmss -c 512    To change the memory size to 512 MB rmss -r          resets the memory size to the original value lsattr  -El  en0     shows en0 driver params lsattr  -El  ent0     shows ent0 HW params lsattr -El rmt0     shows tape params lscfg -vpl rmt0     shows information about the tape drive lsattr  -El  sys0     shows system type, firmware, etc  driver params lscfg –v     lists all system HW configuration lsdev –C sscsi     list all scsi devices lsdev –C spci     list all pci devices lsparent –Ck scsi     list all scsi adapters cfgmgr     To onfigure devices lsdev –Cc disk      Shows all disks lsdev –Cc tape               Shows all tapes cfgmgr -vl < device > –v    Specifies verbose output. The cfgmgr command shows information about what it is doing. cfgmgr -vl < device >      Here <device> is a particular dev
Read more

How to configure NTP in RHEL8 or CentOS 8 by chronyd.

Network Time Protocol is used in systems to get the clock synced between them. All systems will sync their clock with NTP server is they are configured to do so. In RHEL8 or CentOS 8 it is achieved through “ chronyd ”. The “ chronyd ” daemon can be managed by the command “ chronyc ”. Below steps involve in configuring NTP through chronyd in linux systems. ·         Install the necessary packages. ·         Configure chrony service to sync with NTP server. ·         Set NTP synchronization. ·         Enable necessary firewall rules. ·         Enable and start chronyd service. Installation of chrony on RHEL8 or CentOS8. The below command helps to install chronyd in RHEL/CentOS 8. [root@system1 ~]# yum install chrony -y Chrony (NTP) server configuration The main configuration file for “ chronyd ” is /etc/chrony.conf . [root@system1 ~]# vim /etc/chrony.conf Below the minimum details to be set in the chrony.conf file. ·         pool 2.centos.pool.ntp.org iburst   # The name of the pool wh
Read more

Upgrade curl 7.29 to 7.69 in CentOS 7 or RedHat 7

By default we can see 7.29 as the latest version of curl in CentOS or RHEL7. Here we are going to see how we can upgrade it to version 7.69. We use city-fan.org repo for the upgrade of curl. Lets see how to install and enable this repo and upgrade the curl package. Install the "city-fan.org" repo # rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/city-fan.org-release-2-1.rhel7.noarch.rpm Enable the repo "city-fan.org" in configuration file. Open the file /etc/yum.repos.d/city-fan.org.repo and enable the repo "city-fan.org" # vim /etc/yum.repos.d/city-fan.org.repo Upgrade the "curl" package from this repo. # yum update curl -y Once the update is done you can check the version of curl package by "rpm" command. # rpm -qa |grep curl libcurl-devel-7.69.1-1.1.cf.rhel7.x86_64 python-pycurl-7.19.0-19.el7.x86_64 libcurl-7.69.1-1.1.cf.rhel7.x86_64 curl-7.69.1-1.1.cf.rhel7.x86_64 #
Read more

How to find big files in Linux, Unix, AIX

      Most often we see that the utilization of file systems grows up and we need to do some sort of housekeeping in the file system. Mainly we identify which file consumes more space in the file systems. Sometimes we see chunk of files with small size of single file with more size consume more space in the file systems. In either situation our goal is to find out what is consuming more space, identify the necessity of those files in the file system and decide to housekeep the file system by removing the unwanted files. Here are some ways to find the big files in a directory. People mostly use the below steps to identify the big files in a directory. 1.        By using “ du ” command. 2.        By using “ find ” command By using “du” command. Eg .   # du -a / Here “ du ” command will look for all the files in the directory including filesystems mounted on directories under “ / ” directory and list them with their size on kilo bites (KB). If you want to sort
Read more

How to enable VNC server (get GUI remotely) in CentOS 7, RHEL 7, CentOS 8 and RHEL 8 servers.

Minimum requirements to connect a server remotely to access GUI are: 1.        Display server running in your workstation (I used MobaXterm. Software like Xming and VNC clients are also can be used.) 2.        Server running with GNOM workstation and VNC server. As I mentioned above, I have “MobaXterm” installed in my laptop that will work as a display server to connect my CentOS or RHEL server remotely. You may download it from here . It is very easy to use. If you have restrictions to install it in your laptop, then you can use the portable version of it. It can be just executed like PuTTy. To make sure my CentOS or RHEL server running with Desktop software, I use below commands to install them. In CentOS 7 or RHEL 7: [root@labsrv1 ~]# yum groupinstall “GNOME Desktop” In CentOS 8 or RHEL 8: [root@labsrv1 ~]#   yum groupinstall "Server with GUI To install the VNC server, use the below command. Install its dependencies as well, if it prompts for the same.
Read more

YUM configuration in AIX.

    In earlier days all RPM packages in AIX were installed by the command “rpm”. The limitation for RPM command is that the difficulty to resolve the dependent packages.   Like other Linux operating system like RedHat, CentOS etc. there is a possibility to setup YUM to install packages in AIX. The below procedure will take you through the steps of configuring YUM in AIX (7.1) systems.     After having many trial and error experiments, the final solution came up with YUM configuration on the system, which is already installed with any RPM packages, we may need to follow the steps like: 1.        Take a backup of system (mksysb) 2.        Have the list of currently installed RPM packages. 3.        Remove the existing RPM packages. 4.        Configure YUM as described below. 5.        Install the previous packages again. Let’s start with the configuration now. Assuming that all required backups are in place to do a roll-back in case of any worst-case scenario.
Read more

Remote X11 forwarding for AIX in command line.

Most of the Unix administrators love to work with command line and it is the most convenient way to work with Unix systems. There were occasions where we had to invoke the GUI for some applications to work with it like, invoke a Firefox browser to browse the internet through Unix systems, install an application in GUI mode etc. Here I am going to describe how can we address such situations by invoking GUI over CLI. Assumptions:           You have an AIX system with remote connection through ssh.           You need to invoke the GUI of an application through Xming or MobaXterm – a DISPLAY server. X Window in AIX server Minimum installation for X Window includes below filesets: X11.base.lib X11.base.rte X11.apps.config X11.apps.clients   (optional to run xclock program – in this case, just for testing purpose) Install the above-mentioned packages to invoke the GUI remotely through command line. Connect through SSH X11 port forwarding On the
Read more

How to manage Linux systems through web browser (cockpit for Linux): CentOS 7, CentOS 8, RHEL 7, RHEL 8, Fedora, Ubuntu and Debian systems.

    Cockpit is a web accessible interactive admin interface for Linux machines. Cockpit can usually be accessed on port 9090 of the machine it's installed on.     The cockpit-ws web service listens on port 9090 and is started on demand by systemd . The Cockpit web service authenticates the user, loads Cockpit into the browser, and starts cockpit-bridge in a Linux user session. The cockpit-bridge provides Cockpit in the web browser with access to the system APIs. It does this over its standard in and standard out.     Cockpit can be installed in the following Operating systems. Please not that this list is where I installed and tested, that does not mean that it will not work on other Operating Systems. RHEL 7 & RHEL 8 CentOS 7 & CentOS 8 Ubuntu Debian     Cockpit is a very helpful tool which can be used to access the Linux servers through a web browser and do all kind of administration tasks. Some of the main features of Cockpit are:
Read more