https
| 2021-03-14 / 2024-07-22 | ||
Einrichten von HTTPs für Apache2 und lighttpd
Apache2
#Zertifikat einspielen im Apache
sudo mv ~/.cert/l0la59.l11.crt /etc/ssl/certs/apache.crt
sudo mv ~/.cert/l0la59.l11.key /etc/ssl/private/apache.key
sudo a2enmod rewrite
sudo a2enmod ssl
#sudo nano /etc/apache2/sites-enabled/000-default.conf
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
sudo mv /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/000-default-ssl.conf
#sudo nano /etc/apache2/sites-available/000-default-ssl.conf
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache.crt
SSLCertificateKeyFile /etc/ssl/private/apache.key
</VirtualHost>
sudo a2ensite 000-default-ssl.conf
#Apache neustarten
sudo service apache2 restartlighttpd
Verbugged... Siehe Kommentar in lighttpd
#Zertifikat zusammenführen und ablegen
cat bb8.l11.key bb8.l11.crt >> bb8.l11.pem
sudo cp bb8.l11.pem /etc/lighttpd/
#HTTPS konfigurieren
sudo nano /etc/lighttpd/lighttpd.conf
#In server.modules{} einfügen
"mod_openssl",
"mod_accesslog",
$SERVER["socket"] == "192.168.7.8:443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/bb8.l11.pem"
#server.name = "example.com"
server.document-root = "/var/www/html"
server.errorlog = "/var/log/lighttpd/ssl-error.log"
accesslog.filename = "/var/log/lighttpd/ssl-access.log"
}
$HTTP["scheme"] == "http" {
url.redirect = ("" => "https://${url.authority}${url.path}${qsa}")
url.redirect-code = 308
}
#Syntax prüfen:
lighttpd -t -f /etc/lighttpd/lighttpd.conf
sudo systemctl restart lighttpd.service
sudo systemctl status lighttpd.service