...
| Code Block |
|---|
$ a2enmod dav dav_fs dav_lock # Enable DAV $ mkdir /path/to/www/dav # Create directory for DAV $ chown www-data:wwwdata /path/to/www/dav $ a2enmod ssl # Enable SSL $ a2ensite default-ssl # Enable SSL site |
RHEL
- yum install httpd mod_ssl
- vim /etc/httpd/conf/httpd.conf (and change ServerName)
- mkdir /etc/httpd/ssl/
- generate self-signed key to /etc/httpd/ssl
- vim /etc/httpd/conf.d/ssl.conf
- service httpd start
- chkconfig httpd on
SSL Setup
Setup the SSL site (on debian /etc/apache2/sites-available/default-ssl, redhat: /etc/httpd/conf.d/ssl.conf) to use the relevant keys and certificates (see Create self signed certificate):
...
SSLCACertificateFile is a concatenation of client certificates in PEM format.And
DAV
...
Setup
| Code Block |
|---|
<Location /dav>
Dav On
</Location>
|
...
| No Format |
|---|
# For HTTPS servers remember to put the
# server FQDN in the CN.
KEY="$CN.key"
CSR="$CN.csr"
CRT="$CN.crt"
# Generate key
openssl genrsa -out "$KEY" 1024 || exit 1
# Certificate Signing Request (Remember to modify the signing request subject)
openssl req -new -key "$KEY" -out "$CSR" -subj "/C=DK/O=TestOrganization/OU=TestDepartment/CN=$CN" || exit 1
# Self sign
openssl x509 -req -days 1000 -in "$CSR" -out "$CRT" -signkey "$KEY" || exit 1
|
...
| No Format |
|---|
pkcs12 -export -in browser.crt -inkey browser.key -out browser.p12 -certfile /path/to/server.crt
|
See also Using SSL in Java
...