https

In order to provide Transport Layer Security (TLS), same as for its predecessor Secure Sockets Layer (SSL), it is not compulsory to use a digital certificate issued by one of the well-known (trusted) certification authorities (CA), in case when authentication of the server is not of a particular interest. The so-called self-signed certificate (i.e. an identity certificate signed by the same entity whose identity it should certify) is able to ensure that the connection is secure.

1) Generate self-signed certificate, depending on the particular server environment (e.g. using keytool).
2) Configure the server to serve the requests over HTTPS.
3) Inform the client about the need to whitelist the self-signed certificate.

Ensure secure data transmission over HTTPS in the absence of officially issued digital certificate

The transmission of (sensitive) data between server and client should be secured, in particular against eavesdropping and man-in-the-middle attack. The client accesses data (which is stored on the server) over HTTP through specific web interface. Hence, the client-server communication should be adapted to HTTP over TLS/SSL (i.e. HTTPS). There is no possibility to receive an officially issued digital certificate from one of the well-known certification authorities (CA). The solution should be simple, and the implementation may not take longer than ca. 2 hours.

Moving a WordPress site to HTTPS

An existing WordPress site shall be moved from HTTP to HTTPS. All resources should be loaded via HTTPS after the update. Therefore, all text occurrences, hyperlinks and image resources in pages and posts must be updated with the new URL.

Solution for "Enable https on Apache 2"

    1. make a self signed certificate with the command:

    apache2-ssl-certificate
    2. enables the ssl mode for apache 2:

    a2enmod ssl
    3. Add the following line to ports.conf (probably located at /etc/apache2/ports.conf)

    Listen 443
    4. Add the following lines to the virtual hosts file. (Change the location of the ssl certificate file if necessary.)

    ServerName earth.my.flat

    DocumentRoot /var/www/
    ErrorLog /var/log/apache2/error.log
    CustomLog /var/log/apache2/access.log combined

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/apache.pem


http://www.debian-administration.org/articles/349

Enable https on Apache 2

How can I enable https on an apache 2 server? By default it is not enabled.

IIS needs a specific Certificate format

For creating a working key for IIS Server you need to create the key in IIS Manager Console.

1. Create a new Certification Request in IIS Management Console for a specified website.

2. The newly created Request has to be signed now. Therefore you can use some Certification Authority (CA) like Thawte or VeriSign, they also provide temporary certificates for testing purposes.
It is also possible to do this step by yourself by using "IIS 6.0 Resource Kit Tools".

3. Take the whole text from Certification Request generated by IIS and copy it into the enrollment form for CA and select the format (in this case IIS 5.0 or 6.0)

4. Now a certificate will be generated by the CA you can store in a *.cer file.

5. You can take this file now and assign it to the pending request on IIS and the SSL authentification should work.

Taggings:

Subscribe to https