Oleh: Idris Winarno

This document provides instructions for setting up HTTPS/SSL on a server. It includes steps to install a DNS server and configure it with a subdomain for SSL. It also explains how to install the Apache web server, enable the SSL module, generate an SSL certificate using OpenSSL, and configure Apache virtual hosts to use the SSL certificate for encrypted communication over port 443. Testing is done by restarting Apache and accessing the server domain over HTTPS to validate the SSL certificate.

Uploaded by

Fajar Bakhrun N

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

39 views

Oleh: Idris Winarno

Uploaded by

Fajar Bakhrun N

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPT, PDF, TXT or read online on Scribd

You are on page 1/ 9

HTTPS/SSL

Oleh: Idris Winarno

Persiapan
Pastikan repository debian
# vim /etc/apt/sources.list
deb http://kebo.vlsm.org/debian etch main contrib non-free

# apt-get update
Installasi DNS Server
Materi dapat di download di:
http://kebo.vlsm.org/~idris/file/admin_jarkom/DNSserver.pdf

Tambahkan subdomain ssl

# vim /var/cache/bind/(nama file)
Installasi Web Server
Materi dapat di download di:
http://kebo.vlsm.org/~idris/file/admin_jarkom/P1%20-%20Apache.pdf

Tambah kan port 443

# vim /etc/apache2/ports.conf

Tambahkan namevirtual
# vim /etc/apache2/conf.d/virtual
NameVirtualHost *:80
NameVirtualHost *:443

Hapus NameVirtualHost yang ada di /etc/apache2/sites-

enables/000-default

Aktikan module ssl

# a2enmod ssl
# /etc/init.d/apache2 restart
Installasi Certificate
Installasi:
# apt-get install openssl ssl-cert
Pebuatan Certificate
Buat folder untuk meletakkan cert
# mkdir /etc/apache2/ssl
# cd /etc/apache2/ssl

Membuat cert
# openssl req new > domainku.csr
# openssl rsa in privkey.pem out domainku.key
# openssl x590 in domainku.csr out domainku.cert
req signkey domainku.key days 365
Generating a 1024 bit RSA private key
...........++++++
...............++++++
writing new private key to 'privkey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:East Java
Locality Name (eg, city) []:Surabaya
Organization Name (eg, company) [Internet Widgits Pty Ltd]:PENS-ITS
Organizational Unit Name (eg, section) []:UPT Jaringan
Common Name (eg, YOUR name) []:domainku.com
Email Address []:[email protected]

Please enter the following 'extra' attributes

to be sent with your certificate request
A challenge password []:my pass
An optional company name []:PENS-ITS
Integrasi cert di apache
Edit sites-enabled
# vim /etc/apache2/sites-enabled/000-default
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/domainku.cert
SSLCertificateKeyFile /etc/apache2/ssl/domainku.key
ServerName ssl.domainku.com
ServerAdmin [email protected]
DocumentRoot /var/www/
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# This directive allows us to have apache2s default start page
# in /apache2-default/, but still have / go to the right place
# RedirectMatch ^/$ /apache2-default/
</Directory>
</VirtualHost>
Testing
Restart server apache2
# /etc/init.d/apache2 restart