Difference between revisions of "SSL: Mengaktifkan SSL HTTPS dari CA Sectigo"

From OnnoWiki
Jump to navigation Jump to search
Line 48: Line 48:
 
         '''SSLCertificateKeyFile /etc/apache2/ssl/example.com.key'''
 
         '''SSLCertificateKeyFile /etc/apache2/ssl/example.com.key'''
 
         '''SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle'''
 
         '''SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle'''
 +
        #
 
         # ATAU berapa CA certificate file di letakan di folder apache2/ssl/
 
         # ATAU berapa CA certificate file di letakan di folder apache2/ssl/
 +
        #
 
         '''SSLCACertificatePath /etc/apache2/ssl/'''
 
         '''SSLCACertificatePath /etc/apache2/ssl/'''
 
         <FilesMatch "\.(cgi|shtml|phtml|php)$">
 
         <FilesMatch "\.(cgi|shtml|phtml|php)$">

Revision as of 06:13, 2 January 2022

Dari Sectigo / Comodo akan memperoleh 2 atau 3 file dalam bentuk zip. Jika file zip dibuka akan berisi, misalnya 3 file,

AAA_Certificate_Services.crt
USERTrust_RSA_Certification_Authority.crt
onnocenter_or_id.crt


atau misalnya 2 file, misalnya

sectigo-atau-comodo.ca-bundle
onnocenter.or.id.crt

Dengan file private key, misalnya,

onnocenter.or.id.key

Copykan,

mkdir /etc/apache2/ssl
cp  AAA_Certificate_Services.crt /etc/apache2/ssl
cp USERTrust_RSA_Certification_Authority.crt /etc/apache2/ssl
cp onnocenter_or_id.crt /etc/apache2/ssl
cp onnocenter.or.id.key /etc/apache2/ssl

Edit Apache Conf

File-file ini harus di masukan ke configurasi apache. Yang perlu dilakukan di Server Apache adalah,

sudo a2enmod ssl
sudo service apache2 restart
cd /etc/apache2/sites-available
cp default-ssl.conf default-ssl.conf.asli
sudo vi /etc/apache2/sites-available/default-ssl.conf

Edit agar,

<IfModule mod_ssl.c>
    <VirtualHost _default_:443>
        ServerAdmin admin@example.com
        ServerName your_domain.com
        ServerAlias www.your_domain.com
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/example.com.crt
        SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
        SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle
        #
        # ATAU berapa CA certificate file di letakan di folder apache2/ssl/
        #
        SSLCACertificatePath /etc/apache2/ssl/
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                        SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                        SSLOptions +StdEnvVars
        </Directory>
        BrowserMatch "MSIE [2-6]" \
                        nokeepalive ssl-unclean-shutdown \
                        downgrade-1.0 force-response-1.0
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
    </VirtualHost>
</IfModule>

Aktifkan SSL Virtual Host

enable

sudo a2ensite default-ssl.conf

restart

sudo service apache2 restart
sudo systemctl reload apache2


Referensi