
Enabling SSL on apache instance on EC2


Try this command:

 yum install mod_ssl 


A summary of what needs to be done to enable SSL on apache server on EC2:

  1. Get SSL certificate (which you already did)
  2. Install mod_ssl as Jose Vega said
  3. Add the following lines to your httpd.conf

      NameVirtualHost *:443
      <VirtualHost *:443>
          ServerName www.example.com
          # other configurations
          SSLEngine on
          SSLCertificateFile /etc/httpd/conf/ssl.crt/mydomain.crt
          SSLCertificateKeyFile /etc/httpd/conf/ssl.key/mydomain.key
      </VirtualHost>

Finally, don't forget to open port 443 on your EC2 instance


I managed to enable SSL on my ec2 instance and to install a free ssl certificate from startssl.com. I made a few mistakes, this is the basic approach:

  1. Sign up to startssl.com by clicking Control Panel link
    • Complete the signup process. You will need to verify your email address.
  2. Validate your domain under Validation Wizard -> Domain Name Validation
  3. Get a Certificate by Certificate Wizard
    • Choose: Web Server SSL/TLS Certificate
    • Enter a password that will be used to encrypt the private key. You will need this later.
    • I chose keysize of 4096
    • Save the encrypted private key as ssl.encrypted.key someplace
    • ?? I forget what happened next
    • Save the certificate file as ssl.crt someplace. For me I had to wait 30 minutes then it appeared under Tool Box -> Retrieve Certificate
  4. Use openssl to decrypt the encrypted ssl.encrypted.key file
    • sudo openssl rsa -in ssl.encrypted.key -out ssl.unencrypted.key
    • startssl.com also have a decrypt option on their website, but it didn't work for me
  5. putty/ssh onto your ec2 machine
  6. install mod_ssl
    • sudo yum install mod_ssl
  7. Replace the default certificate and key
    • sudo vi /etc/pki/tls/certs/localhost.crt
    • Paste in the contents of ssl.crt
    • Make sure it pastes correctly! I always lose the first 6 characters
    • Use :%d to delete the existing certificate if required
    • [ESC] :wq
    • sudo vi /etc/pki/tls/private/localhost.key
    • Paste in the contents of ssl.unencrypted.key
    • Again make sure it pastes correctly!
    • [ESC] :wq
  8. Check the configuration
    • apachectl configtest
  9. Restart
    • sudo service httpd restart
    • I had issues restarting and I think what fixed it was sudo kill -9 httpd
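
A check for the paste and decrypt steps above, added here as an example and not part of the original answers: it confirms that a certificate file still parses, that the key is really unencrypted, and that the two share a public key before httpd is restarted. The helper names check_pair and make_sample are hypothetical, and the demo pair is a constructed throwaway, not real key material.

```shell
#!/bin/sh
# Added example: check a pasted certificate/key pair before restarting httpd.
# check_pair and make_sample are hypothetical helper names.

# check_pair CERT KEY: returns 0 only if both files parse and share a public key.
check_pair() {
    cert=$1; key=$2
    # A paste that lost its leading characters no longer parses as PEM.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || {
        echo "certificate does not parse: $cert"; return 2; }
    # "-passin pass:" makes a still-encrypted key fail instead of prompting.
    key_pub=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null) || {
        echo "key does not parse or is still encrypted: $key"; return 3; }
    if [ "$cert_pub" != "$key_pub" ]; then
        echo "certificate and key do not belong together"; return 4
    fi
    echo "certificate and key match"
}

# make_sample PREFIX: writes a constructed throwaway PREFIX.key / PREFIX.crt.
make_sample() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=www.example.com" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Demo on constructed files: one intact pair, one paste missing 6 characters.
demo_dir=$(mktemp -d)
make_sample "$demo_dir/good"
tail -c +7 "$demo_dir/good.crt" > "$demo_dir/truncated.crt"
check_pair "$demo_dir/good.crt" "$demo_dir/good.key" || true
check_pair "$demo_dir/truncated.crt" "$demo_dir/good.key" || true
```

On the instance itself the function would be called with the two paths edited in step 7, /etc/pki/tls/certs/localhost.crt and /etc/pki/tls/private/localhost.key, run with sudo so the key is readable.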