Difference between revisions of "SSL: Mengaktifkan SSL HTTPS dari CA Sectigo"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) (Created page with "Dari Sectigo akan memperoleh 3 file dalam bentuk zip. Jika file zip dibuka akan berisi, misalnya, AAA_Certificate_Services.crt USERTrust_RSA_Certification_Authority.crt on...") |
Onnowpurbo (talk | contribs) |
||
(7 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | Dari Sectigo akan memperoleh 3 file dalam bentuk zip. Jika file zip dibuka akan berisi, misalnya, | + | Dari Sectigo / Comodo akan memperoleh 2 atau 3 file dalam bentuk zip. Jika file zip dibuka akan berisi, misalnya 3 file, |
AAA_Certificate_Services.crt | AAA_Certificate_Services.crt | ||
USERTrust_RSA_Certification_Authority.crt | USERTrust_RSA_Certification_Authority.crt | ||
onnocenter_or_id.crt | onnocenter_or_id.crt | ||
+ | |||
+ | |||
+ | atau misalnya 2 file, misalnya | ||
+ | |||
+ | sectigo-atau-comodo.ca-bundle | ||
+ | onnocenter.or.id.crt | ||
Dengan file private key, misalnya, | Dengan file private key, misalnya, | ||
Line 9: | Line 15: | ||
onnocenter.or.id.key | onnocenter.or.id.key | ||
− | Copykan, | + | Copykan semua file .crt, .ca-bundle, .key ke folder /etc/apache2/ssl |
+ | sudo su | ||
mkdir /etc/apache2/ssl | mkdir /etc/apache2/ssl | ||
+ | |||
+ | contoh, | ||
+ | |||
cp AAA_Certificate_Services.crt /etc/apache2/ssl | cp AAA_Certificate_Services.crt /etc/apache2/ssl | ||
cp USERTrust_RSA_Certification_Authority.crt /etc/apache2/ssl | cp USERTrust_RSA_Certification_Authority.crt /etc/apache2/ssl | ||
Line 41: | Line 51: | ||
'''SSLCertificateFile /etc/apache2/ssl/example.com.crt''' | '''SSLCertificateFile /etc/apache2/ssl/example.com.crt''' | ||
'''SSLCertificateKeyFile /etc/apache2/ssl/example.com.key''' | '''SSLCertificateKeyFile /etc/apache2/ssl/example.com.key''' | ||
+ | '''SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle''' | ||
+ | # | ||
+ | # ATAU berapa CA certificate file di letakan di folder apache2/ssl/ | ||
+ | # | ||
'''SSLCACertificatePath /etc/apache2/ssl/''' | '''SSLCACertificatePath /etc/apache2/ssl/''' | ||
<FilesMatch "\.(cgi|shtml|phtml|php)$"> | <FilesMatch "\.(cgi|shtml|phtml|php)$"> | ||
Line 55: | Line 69: | ||
</IfModule> | </IfModule> | ||
+ | ==Aktifkan SSL Virtual Host== | ||
− | + | enable SSL | |
+ | |||
+ | cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/ | ||
− | + | atau | |
sudo a2ensite default-ssl.conf | sudo a2ensite default-ssl.conf | ||
− | restart | + | restart apache |
sudo service apache2 restart | sudo service apache2 restart | ||
sudo systemctl reload apache2 | sudo systemctl reload apache2 | ||
+ | |||
+ | ==Cek== | ||
+ | |||
+ | systemctl status apache2 | ||
+ | |||
+ | pastikan tidak ada error | ||
+ | |||
+ | ==Referensi== | ||
+ | |||
+ | * https://httpd.apache.org/docs/2.4/mod/mod_ssl.html |
Latest revision as of 17:21, 2 January 2022
Dari Sectigo / Comodo akan memperoleh 2 atau 3 file dalam bentuk zip. Jika file zip dibuka akan berisi, misalnya 3 file,
AAA_Certificate_Services.crt USERTrust_RSA_Certification_Authority.crt onnocenter_or_id.crt
atau misalnya 2 file, misalnya
sectigo-atau-comodo.ca-bundle onnocenter.or.id.crt
Dengan file private key, misalnya,
onnocenter.or.id.key
Copykan semua file .crt, .ca-bundle, .key ke folder /etc/apache2/ssl
sudo su mkdir /etc/apache2/ssl
contoh,
cp AAA_Certificate_Services.crt /etc/apache2/ssl cp USERTrust_RSA_Certification_Authority.crt /etc/apache2/ssl cp onnocenter_or_id.crt /etc/apache2/ssl cp onnocenter.or.id.key /etc/apache2/ssl
Edit Apache Conf
File-file ini harus di masukan ke configurasi apache. Yang perlu dilakukan di Server Apache adalah,
sudo a2enmod ssl sudo service apache2 restart
cd /etc/apache2/sites-available cp default-ssl.conf default-ssl.conf.asli sudo vi /etc/apache2/sites-available/default-ssl.conf
Edit agar,
<IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin admin@example.com ServerName your_domain.com ServerAlias www.your_domain.com DocumentRoot /var/www/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined SSLEngine on SSLCertificateFile /etc/apache2/ssl/example.com.crt SSLCertificateKeyFile /etc/apache2/ssl/example.com.key SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle # # ATAU berapa CA certificate file di letakan di folder apache2/ssl/ # SSLCACertificatePath /etc/apache2/ssl/ <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown </VirtualHost> </IfModule>
Aktifkan SSL Virtual Host
enable SSL
cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/
atau
sudo a2ensite default-ssl.conf
restart apache
sudo service apache2 restart sudo systemctl reload apache2
Cek
systemctl status apache2
pastikan tidak ada error