Continuing from previous post about Configure Apache2 Server, now we ready to generate Certificate Signing Request (CSR) and Private Key that used on our HTTPS later. To generate pair of keys (CSR and Private key), we need a mod_ssl or openssl command. With this command, a CSR and Private Key will generated as our input information.
Continue from previous post about Securing your web server, now I will post a tutorial about how to set web server that support with SSL. For information, I’ve tried this with Ubuntu 8.04 and Apache 2. Before we move to the next step, please assure that the apache2 have installed and work correctly on your machine. All of command that execute on console, must be execute by root. if everythings OK, lets start to configure!!
Today I’ve tried about how to securing my web server with SSL. As we know before, SSL provide a mechanism to encrypt all data that passed in the network, include on port 80 A.K.A HTTP. In web terminology, using SSL on a web server called secured HTTP or HTTPS. HTTPS implements Public Keys cryptoghraphy, that is two keys exists – Public Key and Private Key. Public Key can be owned by anyone that related on internet. But Private Key only can be owned by its true owner. A public key, holded by the Certification Authority (CA) so anyone can get it by sending a request to the CA. In the other hand, a Private Key, holded by the owner of web server, so no one can get it (except the owner it self).
