How to configure Apache web server (httpd) in CentOS 7 with HTTPS


Version: 1.0   20-09-2019

To know more about Apache: Visit here.

Minimum requirements:

1.       A server with CentOS 7 OS.
2.       An IP address -Private or Public - assigned to the server (Static).
3.       A client system to access the webserver.
4.       Corresponding DNS entries for name resolution.


Procedure to install and Configure Apache web Server.


·         Update the server with latest patches.

[root@server01 ~]# yum update -y

·         Install apache (https) package.

[root@server01 ~]# yum install httpd -y

·         Enable firewall rules for port 80 (http) and 443 (https).

[root@server01 ~]# firewall-cmd --permanent --add-port=80/tcp
[root@server01 ~]# firewall-cmd --permanent --add-port=443/tcp
[root@server01 ~]# firewall-cmd --reload

·         Disable SELinux.

Change SELinux option from SELINUX=enforcing to SELINUX=disabled
[root@server01 ~]# vim /etc/selinux/config
SELINUX=disabled
[root@server01 ~]# setenforce 0
[root@server01 ~]#

·         Enable httpd service to start during system reboot.

[root@server01 ~]# systemctl enable httpd

·         Start the apache (httpd) service in the system.

[root@server01 ~]# systemctl start httpd

·         Access the webpage for testing.

Use the link http://<IP_Address_of_your_server> or http://<hostname_of_your_server> from a client machine through a browser to access the web page and test the functionality of the apache service. The browser will take you to the default web page like below if the Apache setup is working as expected.



Now you can create a test page in Apache document root path which is /var/www/html directory by default and test it once again.

[root@server01 ~]# echo "This is a test page for my apache server" > /var/www/html/index.html

Access the web page once again with IP address or hostname as mentioned above to see whether the above content “This is a test page for my apache server” is reflecting over there in the browser. If everything works fine as expected, the web page will show the content as below.


Secure the HTTP service.

·         Install SSL

[root@server01 ~]# yum install  openssl mod_ssl -y

·         Create a Self-Signed Certificate.

[root@server01 ~]# openssl genrsa -out ca.key 2048
[root@server01 ~]# openssl req -new -key ca.key -out ca.csr
[root@server01 ~]# openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
[root@server01 ~]# cp ca.crt /etc/pki/tls/certs/
[root@server01 ~]# cp ca.key /etc/pki/tls/private/
[root@server01 ~]# cp ca.csr /etc/pki/tls/private/

·         Configure the service with Certificates

[root@server01 ~]# vim /etc/httpd/conf.d/ssl.conf

//** Find the section that begins with <VirtualHost _default_:443>. Uncomment the DocumentRoot and ServerName line and replace example.com with your server's IP address. **//

DocumentRoot "/var/www/html"
ServerName <IP Address of your server>:443

//** Next, find the SSLCertificateFile and SSLCertificateKeyFile lines and update them with the new location of the certificates. **//

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key

·         Save the configuration and Restart Apache service.

[root@server01 ~]# systemctl restart httpd

·         Test the service once again using URL https://<IP_Address_of_the_server> or https://<hostname_of_the_server> from the browser of your client system.


Other Useful Links:

  1. Apache Configuration - RHEL 7 & CentOS 7
  2. Primary DNS Configuration - RHEL6 & CentOS 6
  3. Apache with Open SSL (HTTPS) - RHEL7 & CentOS 7
  4. Host Name Configuration - RHEL 8, CentOS 8, RHEL 7 & CentOS 7

Comments

Post a comment

Popular posts from this blog

AIX Firefox Installation

Overview Mozilla Firefox for AIX is an Open Source Web Browser. It delivers helpful new features and continues to lead the way in on-line security. It implements technologies like the Gecko layout engine, and supports Web standards or draft standards like HTML, XHTML, XML, CSS, DOM, and many more .
Version of Firefox Mozilla Firefox with version 3.5.13.1 can be installed in AIX 5.3 and later.
InstallationProcedure
The following rpm s are the pre requisites for Firefox(64 bit). These packages will be available from the AIX Toolbox for Linux Applications CD/DVD. Before installing the prerequisites check the availability of 150MB free space on the /opt file system. atk-1.12.3-2.aix5.2.ppc.rpm cairo-1.8.8-1.aix5.2.ppc.rpm expat-2.0.1-1.aix5.2.ppc.rpm fontconfig-2.4.2-1.aix5.2.ppc.rpm freetype2-2.3.9-1.aix5.2.ppc.rpm gettext-0.10.40-6.aix5.1.ppc.rpm glib2-2.12.4-2.aix5.2.ppc.rpm gtk2-2.10.6-4.aix5.2.ppc.rpm libjpeg-6b-6.aix5.1.ppc.rpm libpng-1.2.32-2.aix5.2.ppc.rpm libtiff-3.8.2-1.aix5.2.ppc.rpm pango-1.14…
Read more

AIX Commands

Usefull Commands for AIX
===================

bootinfo –r    shows available RAM in KB
lsattr –E l sys0 –a realmem   shows available RAM in KB
rmss -c 512To change the memory size to 512 MB
rmss -r         resets the memory size to the original value
lsattr  -El  en0    shows en0 driver params
lsattr  -El  ent0    shows ent0 HW params
lsattr -El rmt0    shows tape params
lscfg -vpl rmt0    shows information about the tape drive
lsattr  -El  sys0    shows system type, firmware, etc  driver params
lscfg –v    lists all system HW configuration lsdev –C sscsi    list all scsi devices
lsdev –C spci    list all pci devices
lsparent –Ck scsi    list all scsi adapters
cfgmgr    To onfigure devices
lsdev –Cc disk     Shows all disks
lsdev –Cc tape              Shows all tapes
cfgmgr -vl <device> –v   Specifies verbose output. The cfgmgr command shows information about what it is doing.
cfgmgr -vl <device>      Here <device> is a particular device.
lsdisp    To check which graphic adapter is i…
Read more

How to increase swap size on CentOS 8 / RHEL 8

Swap space is the second type of memory in modern Linux systems. The primary function of swap space is to substitute disk space for RAM memory when real RAM fills up and more space is needed. Linux uses swap space to increase the amount of virtual memory available to a host. It can use one or more dedicated swap partitions or a swap file on a regular filesystem or logical volume. Now we are going to check: •Current swap space in the system. •How to identify swap volumes in the system. •How to increase the size of swap volume. •How to add one more swap device to system.
This documentation is based on the test done in a CentOS 4.18.0-80.el8.x86_64 machine. The same procedure can be applied on RHEL 8 as well. We follow the LVM method to manage the volumes here though a normal partition also can be used for swap. We will see both the options here when we add another device as a swap volume. How to check the current swap size in the system? We can see the current swap size either by using …
Read more

How to configure NTP in RHEL8 or CentOS 8 by chronyd.

Network Time Protocol is used in systems to get the clock synced between them. All systems will sync their clock with NTP server is they are configured to do so. In RHEL8 or CentOS 8 it is achieved through “chronyd”. The “chronyd” daemon can be managed by the command “chronyc”.
Below steps involve in configuring NTP through chronyd in linux systems.
·Install the necessary packages. ·Configure chrony service to sync with NTP server. ·Set NTP synchronization. ·Enable necessary firewall rules. ·Enable and start chronyd service.
Installation of chrony on RHEL8 or CentOS8.
The below command helps to install chronyd in RHEL/CentOS 8.
[root@system1 ~]# yum install chrony -y


Chrony (NTP) server configuration
The main configuration file for “chronyd” is /etc/chrony.conf.
[root@system1 ~]# vim /etc/chrony.conf
Below the minimum details to be set in the chrony.conf file.
·pool 2.centos.pool.ntp.org iburst # The name of the pool where NTP server to which the time to be synched resides. Comment out this line a…
Read more

System Administration

Dear Unix Administrators,

A warm welcome to my blog which is a helping tool for Unix administrators. The main discussion topics over here are AIX and Linux platforms. We are going to put the details of AIX, Linux and their related topics on DevOps over here, as much as possible. Please read through it, give your valuable comments and feedback to identify the improvement opportunities. You may suggest the new topics for discussion as well.

Your feedback is most valuable for us to support you better. You shall give it through either the comment session on each blog page, as an email or through our helpdesk. Please visit our contact page to get the details or mail ID and helpdesk.

Well, Thanks for your interest in learning and reading this blog. Reach out to us for any help related to Unix Administration.

Happy Learning..

Thank you, IT Consulting Team
Read more

How to find big files in Linux, Unix, AIX

Most often we see that the utilization of file systems grows up and we need to do some sort of housekeeping in the file system. Mainly we identify which file consumes more space in the file systems. Sometimes we see chunk of files with small size of single file with more size consume more space in the file systems. In either situation our goal is to find out what is consuming more space, identify the necessity of those files in the file system and decide to housekeep the file system by removing the unwanted files.
Here are some ways to find the big files in a directory. People mostly use the below steps to identify the big files in a directory.
1.By using “du” command. 2.By using “find” command
By using “du” command.
Eg.# du -a /
Here “du” command will look for all the files in the directory including filesystems mounted on directories under “/” directory and list them with their size on kilo bites (KB). If you want to sort the files in the order of its size user sort command with…
Read more

How to manage Linux systems through web browser (cockpit for Linux): CentOS 7, CentOS 8, RHEL 7, RHEL 8, Fedora, Ubuntu and Debian systems.

Cockpit is a web accessible interactive admin interface for Linux machines. Cockpit can usually be accessed on port 9090 of the machine it's installed on.
    The cockpit-ws web service listens on port 9090 and is started on demand by systemd. The Cockpit web service authenticates the user, loads Cockpit into the browser, and starts cockpit-bridge in a Linux user session. The cockpit-bridge provides Cockpit in the web browser with access to the system APIs. It does this over its standard in and standard out.
    Cockpit can be installed in the following Operating systems. Please not that this list is where I installed and tested, that does not mean that it will not work on other Operating Systems.
RHEL 7 & RHEL 8CentOS 7 & CentOS 8UbuntuDebian

    Cockpit is a very helpful tool which can be used to access the Linux servers through a web browser and do all kind of administration tasks. Some of the main features of Cockpit are:
Web GUI administration of local and remote serve…
Read more

Remote X11 forwarding for AIX in command line.

Most of the Unix administrators love to work with command line and it is the most convenient way to work with Unix systems. There were occasions where we had to invoke the GUI for some applications to work with it like, invoke a Firefox browser to browse the internet through Unix systems, install an application in GUI mode etc.
Here I am going to describe how can we address such situations by invoking GUI over CLI.
Assumptions:
You have an AIX system with remote connection through ssh.You need to invoke the GUI of an application through Xming or MobaXterm – a DISPLAY server.

X Window in AIX server
Minimum installation for X Window includes below filesets: X11.base.lib X11.base.rte X11.apps.config X11.apps.clients(optional to run xclock program – in this case, just for testing purpose) Install the above-mentioned packages to invoke the GUI remotely through command line.
Connect through SSH X11 port forwarding
On the AIX server check that ssh X11 forwarding requests are enabled.
# grep X11Forwar…
Read more

How to enable VNC server (get GUI remotely) in CentOS 7, RHEL 7, CentOS 8 and RHEL 8 servers.

Minimum requirements to connect a server remotely to access GUI are: 1.Display server running in your workstation (I used MobaXterm. Software like Xming and VNC clients are also can be used.) 2.Server running with GNOM workstation and VNC server. As I mentioned above, I have “MobaXterm” installed in my laptop that will work as a display server to connect my CentOS or RHEL server remotely. You may download it from here. It is very easy to use. If you have restrictions to install it in your laptop, then you can use the portable version of it. It can be just executed like PuTTy. To make sure my CentOS or RHEL server running with Desktop software, I use below commands to install them. In CentOS 7 or RHEL 7: [root@labsrv1 ~]# yum groupinstall “GNOME Desktop” In CentOS 8 or RHEL 8: [root@labsrv1 ~]# yum groupinstall "Server with GUI To install the VNC server, use the below command. Install its dependencies as well, if it prompts for the same. [root@labsrv1 ~]# yum install tigervnc-server tigerv…
Read more

How to change Time Zone in CentOS 8, RHEL 8 and Ubuntu systems

Time zone is managed by a command called “timedatectl” provided by the package “systemd-239-13.el8.x86_64”.
To check the current time zone details:
[root@system1 ~]# timedatectl Local time: Tue 2019-12-17 19:35:07 EAT Universal time: Tue 2019-12-17 16:35:07 UTC RTC time: Tue 2019-12-17 16:35:07 Time zone: Africa/Nairobi (EAT, +0300) System clock synchronized: no NTP service: active RTC in local TZ: no [root@system1 ~]#
Now decide which time zone to be used and list it from the available zones by:
[root@system1 ~]# timedatectl list-timezones
There are around 426 time zones available in the system running with OS “CentOS Linux release 8.0.1905 (Core)”.
To search the exact time zone you need use grep command with the above command as below. In this case I am going to set IST as the time zone and trying to find the zones under “/Kolkata” using:
[root@system1 ~]# timedatectl list-timezones|grep -i Kolkata Asia/Kolkata [root@system1 ~]#
Now I am going to set the above time zone to my system.
[root@system1 ~]…
Read more