14 Oct 2014

Setting SSL (DigiCert) pada Apache di FreeBsd

Kali ini tempat saya membeli sertifikat SSL dari DigiCert. Terdapat beberapa file yang dibutuhakn diantaranya:

  1. file.key
  2. domain_com.crt
  3. DigiCertCA.crt
  4. TrustedRoot.crt

Langkah pertama

copy semua file diatas ke folder /usr/local/etc/apache22

kemudian setting pada file httpd-ssl.conf yang berada pada folder /usr/local/etc/apache22/extra/

ganti pada bagian script berikut (SSLCertificateFile, SSLCertificateKeyFile,SSLCertificateChainFile, SSLCACertificatefile)

SSLCertificateFile "/usr/local/etc/apache22/domain_com.crt"
SSLCertificateKeyFile "/usr/local/etc/apache22/file.key"
SSLCertificateChainFile "/usr/local/etc/apache22/DigiCertCA.crt"
SSLCACertificatefile "/usr/local/etc/apache22/TrustedRoot.crt"

Kemudian save dan keluar

Langkah Kedua

Edit file http.conf

pastikan sudah ada dalam file http.conf script berikut

LoadModule rewrite_module libexec/apache22/mod_rewrite.so

kemudian Uncomment komentar pada script

Include etc/apache22/extra/httpd-vhosts.conf
Include etc/apache22/extra/httpd-ssl.conf

Keluar dan save

Langkah Ketiga

selanjutnya edit pada file etc/apache22/extra/httpd-vhosts.conf

NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
         ServerName domainssl.com
         Redirect / https://domainssl.com/
</VirtualHost>
<VirtualHost *:443>
         ServerName domainssl.com
         ServerAlias domainssl.com
         ServerAdmin admin@domainssl.com
         SSLEngine on
         SSLCertificateFile /usr/local/etc/apache22/domain_com.crt
         SSLCertificateKeyFile /usr/local/etc/apache22/file.key
         SSLCertificateChainFile /usr/local/etc/apache22/DigiCertCA.crt
         SSLCACertificatefile "/usr/local/etc/apache22/TrustedRoot.crt
         DocumentRoot "/letak/webfile"
         ErrorLog "/letak/webfile/error.log"
         CustomLog "/letak/webfile/acces.log" common
         <IfModule mod_rewrite.c>
                RewriteEngine On
                RewriteCond %{HTTPS} !on
                RewriteRule .* https://%{HTTP_HOST}/%{REQUEST_URI} [R=301,L,QSA]
         </IfModule>
         <Directory "/letak/webfile">
                Options Indexes FollowSymLinks
                AllowOverride All
                Order allow,deny
                Allow from all
         </Directory>
</VirtualHost>
<VirtualHost *:80>
         ServerName domain.biasa.com
         ServerAdmin admin@domainssl.com
         DocumentRoot "/letak/webfile2"
         ErrorLog "/letak/webfile2/error.log"
         CustomLog "/letak/webfile2/acces.log" common
         <Directory "/letak/webfile2">
                 Options Indexes FollowSymLinks
                 AllowOverride All
                 Order allow,deny
                 Allow from all
         </Directory>
</VirtualHost>

Save dan keluar

Langkah Terakhir

Restart apache

/usr/local/etc/rc.d/apache22 restart

Uji pada browser, apabila mengakses domainssl.com menjadi https://domainssl.com dan domain.biasa.com tetap http, maka konfigurasi berhasil,

 

Leave a Reply