HTTPS 6. Activar la seguridad en Apache

Activar módulo SSL desde Webmin:

https://localhost:10000/

Servidores / Servidor web Apache / Configuración Global / Configure Apache Modules

    marcar
ssl

Pulsar botón  ===> Enabled Selected Modules

Crear host virtual

sudo mkdir -p /var/www/ssl/htdocs

sudo gedit /var/www/ssl/htdocs/index.html

<html>
  <head>
    <title>Bienvenido al servidor seguro Apache SSL</title>
  </head>
  <body>
    <h1>Servicios en RED</h1>
    <h2>ai1pc100</h2>
  </body>
</html>

Webmin / Servidor Web Apache  / Create Virtual Host
Puerto 443 

Raíz de Documento /var/www/ssl/htdocs

Pulsar botón  ===> Crear Ahora

Obtención del certificado:
wget http://librarian.launchpad.net/7477840/apache2-ssl.tar.gz

--2015-11-26 19:40:00--  http://librarian.launchpad.net/7477840/apache2-ssl.tar.gz
Resolviendo librarian.launchpad.net (librarian.launchpad.net)... 91.189.89.225, 91.189.89.224
Conectando con librarian.launchpad.net (librarian.launchpad.net)[91.189.89.225]:80... conectado.
Petición HTTP enviada, esperando respuesta... 301 Moved Permanently
Ubicación: https://launchpadlibrarian.net/7477840/apache2-ssl.tar.gz [siguiente]
--2015-11-26 19:40:05--  https://launchpadlibrarian.net/7477840/apache2-ssl.tar.gz
Resolviendo launchpadlibrarian.net (launchpadlibrarian.net)... 91.189.89.228, 91.189.89.229
Conectando con launchpadlibrarian.net (launchpadlibrarian.net)[91.189.89.228]:443... conectado.
Petición HTTP enviada, esperando respuesta... 200 OK
Longitud: 964 [application/x-tar]
Grabando a: “apache2-ssl.tar.gz.1”

100%[======================================>] 964         --.-K/s   en 0s     

2015-11-26 19:40:10 (2,18 MB/s) - “apache2-ssl.tar.gz.1” guardado [964/964]

Descomprimir el fichero descargado.

tar xzvf apache2-ssl.tar.gz
apache2-ssl-certificate
ssleay.cnf

sudo cp ssleay.cnf  /usr/share/apache2/

sudo cp apache2-ssl-certificate /usr/sbin


sudo mkdir /etc/apache2/ssl


sudo apache2-ssl-certificate

creating selfsigned certificate
replace it with one signed by a certification authority (CA)

enter your ServerName at the Common Name prompt

If you want your certificate to expire after x days call this programm
with -days x
Generating a 1024 bit RSA private key
................++++++
.....++++++
writing new private key to '/etc/apache2/ssl/apache.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:ES
State or Province Name (full name) [Some-State]:Cantabria
Locality Name (eg, city) []:Camargo
Organization Name (eg, company; recommended) []:IES
Organizational Unit Name (eg, section) []:VC
server name (eg. ssl.domain.tld; required!!!) []:ai1pc100
Email Address []:sersmr1516@gmail.com

Instalar el certificado:

/etc/apache2/ssl$ sudo mkdir miCA

/etc/apache2/ssl$ sudo mkdir miCA/private


/etc/apache2/ssl$ sudo cp apache.pem miCA/private/cakey.pem

/etc/apache2/ssl$ sudo cp apache.pem miCA/cacert.pem


sudo gedit miCA/serial

01

Certificados para Webmin


 Existing virtual hosts Servidor Virtual Maneja el servidor basado en nombre en la dirección *.

Dirección Cualquiera Puerto 443

Nombre del Servidor Automático Raíz para Documentos /var/www/ssl/htdocs

Opciones SSL


Comprobación del funcionamiento:

https://localhost