To secure the data transfer redirecting the HTTP traffic to the secured (HTTPS) version of your website. To encrypt the communication between client and server HTTPS uses TLS/SSL.
Apache web server installed, domain names configured through virtual hosts that specify the ServerName. and the SSL certificates for the domain.
To point a domain to HTTPS you need to add the path of the SSL certificates in the virtual host configuration file and
Step1: Open the example-zehncloud.com.conf file to edit.
sudo nano /etc/apache2/sites-available/example-zehncloud.com.conf
The default files look like:
ServerAdmin admin@example-zehncloud.com ServerName example-zehncloud.com ServerAlias www.example-zehncloud.com DocumentRoot /var/www/html/example_zehncloudcom ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined
Step 2: Add the following code:
ServerName example-zehncloud.com ServerAlias www.example-zehncloud.com DocumentRoot /var/www/html/example_zehncloudcom Redirect permanent / https://example-zehncloud.com/ # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. ServerAdmin webmaster@localhost ServerName example-zehncloud.com ServerAlias www.example-zehncloud.com DocumentRoot /var/www/html/example_zehncloudcom SSLEngine On # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf SSLCertificateFile SSLCertificateKeyFile SSLCACertificateFile
With the port 80 for HTTP, we need to add another virtual host mapping to enable the service on port 443 (default SSL port). The virtual host mapping with the SSL i.e with port 443 requires SSL Certificate details.
The SSLCertificateFile points to the file with certificate data in PEM format.
The SSLCertificateKeyFile This directive sets the all-in-one file where you can assemble the Certificates of Certification Authorities (CA) whose clients you deal with. These are used for Client Authentication.
The SSLCACertificateFile This directive points to the PEM-encoded private key file for the server. If the contained private key is encrypted, the passphrase dialog is forced at startup time.
Restart the Apache web server using the command
sudo service apache2 restartIf you followed the article, you will be able to point your domain to HTTPS.
We partner with you and bring together talented team of designers, front end developers, back end developers, Software architect, Cloud engineers to make your vision a reality and business a success.
by Zehntech