www.bonsaiframework.com
Page tree

Versions Compared

Old Version 67

changes.mady.by.user Tin Pham

Saved on

compared with

New Version 68

changes.mady.by.user Tin Pham

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

All the SSL entries are derived from etc/apache2/sites-available/default-ssl. Read the comments in that file for a more in depth understanding of the configurations.

First we create the file,

Code Block
languagebash
cd /etc/apache2/sites-available
sudo cp default-ssl www.earth.com-ssl

Building upon the work in BonsaiFramework Apache Virtual Hosting, below are the minimal recommend lines to enable SSL.

Code Block
languagexml
linenumberstrue
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerAdmin webmaster@localhost

    ServerName www.myrapham.com
    ServerAlias myrapham.com

    # Enforce www in front of url.
        RewriteEngine On
        RewriteCond %{HTTP_HOST} !^www\.myrapham\.com$ [NC]
        RewriteRule (.*) https://www.myrapham.com$1 [R,L]

    DocumentRoot /home/www.myrapham.com/www
    <Directory />
        # This prevents use of .htaccess
        AllowOverride None    
    </Directory>

    ErrorLog /var/log/apache2/ssl_www.myrapham.com.error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /var/log/apache2/ssl_ww.myrapham.com.access.log combined

    # Mount application on Tomcat
    JkMount /wiki/* tomcat_confluence_a_worker
    JkMount /wiki tomcat_confluence_a_worker

    <Location /wiki/>
        FilterDeclare filter_string_replace
        FilterProvider filter_string_replace SUBSTITUTE resp=Content-Type $text/html
        Substitute "s/www.breakitdown.ca/www.myrapham.com/ni"
        Substitute "s/Break It Down/www.myrapham.com/n"
        FilterChain filter_string_replace
        Redirect permanent /wiki/dashboard.action https://www.myrapham.com/wiki/display/myra/Home
        Redirect permanent /wiki/display/myrahouse/Home https://www.myrapham.com/wiki/display/myra/Home
    </Location>

    # ---------------------
    # Start Enable SSL
    # -----------------

           #  # SSL Engine Switch:
    #   # Enable/Disable SSL for this virtual host.
    SSLEngine on

    # Load the keys
    SSLCertificateFile    /etc/ssl/certs/www.myrapham.com_server.crt
    SSLCertificateKeyFile /etc/ssl/private/www.myrapham.com_server.key

    # Load the Certificate chain
    SSLCertificateChainFile /etc/ssl/certs/StartSSL_Sub_Class1_CA.pem

    # Loads all Certificate Authorities in the provided path
    SSLCACertificatePath /etc/ssl/certs/

    # SSL Engine Options
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>

    # SSL Protocol Adjustments
    BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    # MSIE 7 and newer should be able to use keepalive
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

    # -----------------
    # End Enable SSL
    # ---------------------

</VirtualHost>
</IfModule>

...