Versions Compared

Old Version 17

changes.mady.by.user Michael Rasmussen

Saved on

compared with

New Version 18

changes.mady.by.user M

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Excerpt

Derscripes howto setup a webserver for file exchange in a Bit Repository system.

Apache2

Install Apache2, mod_ssl and mod_dav if not pre-installed.

Debian based systems
Code Block
$ a2enmod dav dav_fs dav_lock # Enable DAV
$ mkdir /path/to/www/dav      # Create directory for DAV
$ chown www-data:wwwdata /path/to/www/dav

$ a2enmod ssl                 # Enable SSL
$ a2ensite default-ssl        # Enable SSL site
RHEL
  1. yum install httpd mod_ssl
  2. mkdir -p /path/to/www/dav/
  3. chown apache:apche /path/to/www/dav/
  4. vim /etc/httpd/conf/httpd.conf (and change ServerName and enable WebDAV)
  5. mkdir /etc/httpd/ssl/
  6. generate self-signed key to /etc/httpd/ssl
  7. vim /etc/httpd/conf.d/ssl.conf
  8. service httpd start
  9. chkconfig httpd on
SSL Setup

Setup the SSL site (on debian /etc/apache2/sites-available/default-ssl, redhat: /etc/httpd/conf.d/ssl.conf) to use the relevant keys and certificates (see Create self signed certificate):

Code Block
         SSLCertificateFile      /path/to/server.crt
         SSLCertificateKeyFile   /path/to/server.key
         SSLCACertificateFile    /path/to/trusted.crt
         SSLVerifyClient         require
         SSLVerifyDepth          0

SSLCACertificateFile is a concatenation of client certificates in PEM format.

DAV Setup
Code Block
        <Location /dav>
                Dav On
        </Location>
Code Block
$ /etc/init.d/apache2 restart # Finally restart apache
or

$ service httpd restart
Redhat

As with Debian, except some things are done differently, see here.

References:
Apache SSL/TLS Encryption
Apache Module mod_dav

Lighttpd

Enabling upload (WebDAV):

...

References:
Configuring SSL
Redirecting HTTP to HTTPS

Create self signed certificate

Anchor
SelfSignedCert
SelfSignedCert

...

See also Using SSL in Java

Creating a certificate authority for test

No Format
$ mkdir /path/to/ca/                 # CA root
$ mkdir /path/to/ca/ca.db.certs      # Signed certificates
$ touch /path/to/ca/ca.db.index      # Index of signed certificates
$ echo 01 > /path/to/ca/ca.db.serial # Next (sequential) serial number
$ cp ca.conf /path/to/ca/            # Configuration file (see below)

$ cd /path/to/ca
$ openssl genrsa -out ca.key 1024    # Generate CA private key
$ openssl req -new -key ca.key \
                   -out ca.csr       # Create Certificate Signing Request
$ openssl x509 -req -days 10000 \
               -in ca.csr \
               -out ca.crt \
               -signkey ca.key       # Create self-signed certificate

...