Difference between revisions of "SSL: Mengaktifkan SSL HTTPS dari CA Sectigo"

Latest revision as of 17:21, 2 January 2022

Dari Sectigo / Comodo akan memperoleh 2 atau 3 file dalam bentuk zip. Jika file zip dibuka akan berisi, misalnya 3 file,

AAA_Certificate_Services.crt
USERTrust_RSA_Certification_Authority.crt
onnocenter_or_id.crt

atau misalnya 2 file, misalnya

sectigo-atau-comodo.ca-bundle
onnocenter.or.id.crt

Dengan file private key, misalnya,

onnocenter.or.id.key

Copykan semua file .crt, .ca-bundle, .key ke folder /etc/apache2/ssl

sudo su
mkdir /etc/apache2/ssl

contoh,

cp  AAA_Certificate_Services.crt /etc/apache2/ssl
cp USERTrust_RSA_Certification_Authority.crt /etc/apache2/ssl
cp onnocenter_or_id.crt /etc/apache2/ssl
cp onnocenter.or.id.key /etc/apache2/ssl

Edit Apache Conf

File-file ini harus di masukan ke configurasi apache. Yang perlu dilakukan di Server Apache adalah,

sudo a2enmod ssl
sudo service apache2 restart

cd /etc/apache2/sites-available
cp default-ssl.conf default-ssl.conf.asli
sudo vi /etc/apache2/sites-available/default-ssl.conf

Edit agar,

<IfModule mod_ssl.c>
    <VirtualHost _default_:443>
        ServerAdmin admin@example.com
        ServerName your_domain.com
        ServerAlias www.your_domain.com
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/example.com.crt
        SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
        SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle
        #
        # ATAU berapa CA certificate file di letakan di folder apache2/ssl/
        #
        SSLCACertificatePath /etc/apache2/ssl/
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                        SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                        SSLOptions +StdEnvVars
        </Directory>
        BrowserMatch "MSIE [2-6]" \
                        nokeepalive ssl-unclean-shutdown \
                        downgrade-1.0 force-response-1.0
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
    </VirtualHost>
</IfModule>

Aktifkan SSL Virtual Host

enable SSL

cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/

atau

sudo a2ensite default-ssl.conf

restart apache

sudo service apache2 restart
sudo systemctl reload apache2

Cek

systemctl status apache2

pastikan tidak ada error

Referensi

https://httpd.apache.org/docs/2.4/mod/mod_ssl.html

Difference between revisions of "SSL: Mengaktifkan SSL HTTPS dari CA Sectigo"

Latest revision as of 17:21, 2 January 2022

Contents

Edit Apache Conf

Aktifkan SSL Virtual Host

Cek

Referensi

Navigation menu

Search

@@ Line 15: / Line 15: @@
   onnocenter.or.id.key
-Copykan,
+Copykan semua file .crt, .ca-bundle, .key ke folder /etc/apache2/ssl
+ sudo su
   mkdir /etc/apache2/ssl
+contoh,
   cp  AAA_Certificate_Services.crt /etc/apache2/ssl
   cp USERTrust_RSA_Certification_Authority.crt /etc/apache2/ssl
@@ Line 48: / Line 52: @@
           '''SSLCertificateKeyFile /etc/apache2/ssl/example.com.key'''
           '''SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle'''
+         #
           # ATAU berapa CA certificate file di letakan di folder apache2/ssl/
+         #
           '''SSLCACertificatePath /etc/apache2/ssl/'''
           <FilesMatch "\.(cgi|shtml|phtml|php)$">
@@ Line 65: / Line 71: @@
 ==Aktifkan SSL Virtual Host==
-enable
+enable SSL
+ cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/
+atau
   sudo a2ensite default-ssl.conf
-restart
+restart apache
   sudo service apache2 restart
   sudo systemctl reload apache2
+==Cek==
+ systemctl status apache2
+pastikan tidak ada error
 ==Referensi==
 * https://httpd.apache.org/docs/2.4/mod/mod_ssl.html