Install certificate files:
SSLCertificateFile /etc/ssl/certs/domain.com.crt SSLCertificateKeyFile /etc/ssl/private/private.key SSLCertificateChainFile /etc/ssl/certs/domain.com.cabundle
A bare-bones SSL-enabled VirtualHost entry:
Listen 443 <VirtualHost _default_:443> ServerName domain.com DocumentRoot /var/www/localhost/htdocs <Directory "/var/www/localhost/htdocs"> Options Indexes FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> SSLEngine on SSLProtocol -all +SSLv3 +TLSv1 SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM SSLCertificateFile /etc/ssl/certs/domain.com.crt SSLCertificateKeyFile /etc/ssl/private/private.key SSLCertificateChainFile /etc/ssl/certs/domain.com.cabundle <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/var/www/localhost/cgi-bin"> SSLOptions +StdEnvVars </Directory> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost>
In Ubuntu, Apache does not use Virtual Hosts by default. To change this, edit /etc/apache2/ports.conf
and add NameVirtualHost *:443
to the SSL config.
Then, in /etc/apache2/sites-available/default-ssl
change VirtualHost directive from _default_:443
to *:443
RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}