How to configure Apache web server (httpd) in CentOS 7 with HTTPS

Version: 1.0   20-09-2019

To know more about Apache: Visit here.

Minimum requirements:

1.       A server with CentOS 7 OS.
2.       An IP address -Private or Public - assigned to the server (Static).
3.       A client system to access the webserver.
4.       Corresponding DNS entries for name resolution.

Procedure to install and Configure Apache web Server.

·         Update the server with latest patches.

[root@server01 ~]# yum update -y

·         Install apache (https) package.

[root@server01 ~]# yum install httpd -y

·         Enable firewall rules for port 80 (http) and 443 (https).

[root@server01 ~]# firewall-cmd --permanent --add-port=80/tcp
[root@server01 ~]# firewall-cmd --permanent --add-port=443/tcp
[root@server01 ~]# firewall-cmd --reload

·         Disable SELinux.

Change SELinux option from SELINUX=enforcing to SELINUX=disabled
[root@server01 ~]# vim /etc/selinux/config
[root@server01 ~]# setenforce 0
[root@server01 ~]#

·         Enable httpd service to start during system reboot.

[root@server01 ~]# systemctl enable httpd

·         Start the apache (httpd) service in the system.

[root@server01 ~]# systemctl start httpd

·         Access the webpage for testing.

Use the link http://<IP_Address_of_your_server> or http://<hostname_of_your_server> from a client machine through a browser to access the web page and test the functionality of the apache service. The browser will take you to the default web page like below if the Apache setup is working as expected.

Now you can create a test page in Apache document root path which is /var/www/html directory by default and test it once again.

[root@server01 ~]# echo "This is a test page for my apache server" > /var/www/html/index.html

Access the web page once again with IP address or hostname as mentioned above to see whether the above content “This is a test page for my apache server” is reflecting over there in the browser. If everything works fine as expected, the web page will show the content as below.

Secure the HTTP service.

·         Install SSL

[root@server01 ~]# yum install  openssl mod_ssl -y

·         Create a Self-Signed Certificate.

[root@server01 ~]# openssl genrsa -out ca.key 2048
[root@server01 ~]# openssl req -new -key ca.key -out ca.csr
[root@server01 ~]# openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
[root@server01 ~]# cp ca.crt /etc/pki/tls/certs/
[root@server01 ~]# cp ca.key /etc/pki/tls/private/
[root@server01 ~]# cp ca.csr /etc/pki/tls/private/

·         Configure the service with Certificates

[root@server01 ~]# vim /etc/httpd/conf.d/ssl.conf

//** Find the section that begins with <VirtualHost _default_:443>. Uncomment the DocumentRoot and ServerName line and replace with your server's IP address. **//

DocumentRoot "/var/www/html"
ServerName <IP Address of your server>:443

//** Next, find the SSLCertificateFile and SSLCertificateKeyFile lines and update them with the new location of the certificates. **//

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key

·         Save the configuration and Restart Apache service.

[root@server01 ~]# systemctl restart httpd

·         Test the service once again using URL https://<IP_Address_of_the_server> or https://<hostname_of_the_server> from the browser of your client system.


Popular posts from this blog

AIX Firefox Installation

AIX Commands

How to increase swap size on CentOS 8 / RHEL 8

How to configure NTP in RHEL8 or CentOS 8 by chronyd.

System Administration

How to manage Linux systems through web browser (cockpit for Linux): CentOS 7, CentOS 8, RHEL 7, RHEL 8, Fedora, Ubuntu and Debian systems.

How to find big files in Linux, Unix, AIX

Remote X11 forwarding for AIX in command line.

How to enable VNC server (get GUI remotely) in CentOS 7, RHEL 7, CentOS 8 and RHEL 8 servers.

How to change Time Zone in CentOS 8, RHEL 8 and Ubuntu systems