Difference between revisions of "SSL: Mengaktifkan SSL HTTPS dari CA Sectigo"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 48: | Line 48: | ||
'''SSLCertificateKeyFile /etc/apache2/ssl/example.com.key''' | '''SSLCertificateKeyFile /etc/apache2/ssl/example.com.key''' | ||
'''SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle''' | '''SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle''' | ||
| − | # ATAU | + | # ATAU berapa CA certificate file di letakan di folder apache2/ssl/ |
'''SSLCACertificatePath /etc/apache2/ssl/''' | '''SSLCACertificatePath /etc/apache2/ssl/''' | ||
<FilesMatch "\.(cgi|shtml|phtml|php)$"> | <FilesMatch "\.(cgi|shtml|phtml|php)$"> | ||
| Line 62: | Line 62: | ||
</VirtualHost> | </VirtualHost> | ||
</IfModule> | </IfModule> | ||
| − | |||
==Aktifkan SSL Virtual Host== | ==Aktifkan SSL Virtual Host== | ||
Revision as of 06:13, 2 January 2022
Dari Sectigo / Comodo akan memperoleh 2 atau 3 file dalam bentuk zip. Jika file zip dibuka akan berisi, misalnya 3 file,
AAA_Certificate_Services.crt USERTrust_RSA_Certification_Authority.crt onnocenter_or_id.crt
atau misalnya 2 file, misalnya
sectigo-atau-comodo.ca-bundle onnocenter.or.id.crt
Dengan file private key, misalnya,
onnocenter.or.id.key
Copykan,
mkdir /etc/apache2/ssl cp AAA_Certificate_Services.crt /etc/apache2/ssl cp USERTrust_RSA_Certification_Authority.crt /etc/apache2/ssl cp onnocenter_or_id.crt /etc/apache2/ssl cp onnocenter.or.id.key /etc/apache2/ssl
Edit Apache Conf
File-file ini harus di masukan ke configurasi apache. Yang perlu dilakukan di Server Apache adalah,
sudo a2enmod ssl sudo service apache2 restart
cd /etc/apache2/sites-available cp default-ssl.conf default-ssl.conf.asli sudo vi /etc/apache2/sites-available/default-ssl.conf
Edit agar,
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin admin@example.com
ServerName your_domain.com
ServerAlias www.your_domain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/example.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
SSLCACertificateFile /etc/apache2/ssl/ca-certificate.ca-bundle
# ATAU berapa CA certificate file di letakan di folder apache2/ssl/
SSLCACertificatePath /etc/apache2/ssl/
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
Aktifkan SSL Virtual Host
enable
sudo a2ensite default-ssl.conf
restart
sudo service apache2 restart sudo systemctl reload apache2