Inhaltsverzeichnis:

https

2021-03-14 / 2024-06-03

Einrichten von HTTPs für Apache2 und lighttpd

Apache2

#Zertifikat einspielen im Apache
sudo mv ~/.cert/l0la59.l11.crt /etc/ssl/certs/apache.crt
sudo mv ~/.cert/l0la59.l11.key /etc/ssl/private/apache.key

sudo a2enmod rewrite
sudo a2enmod ssl
	
#sudo nano /etc/apache2/sites-enabled/000-default.conf
        RewriteEngine On
        RewriteCond %{HTTPS} !=on
        RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

sudo mv /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/000-default-ssl.conf

#sudo nano /etc/apache2/sites-available/000-default-ssl.conf
<VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /etc/ssl/certs/apache.crt
        SSLCertificateKeyFile /etc/ssl/private/apache.key
</VirtualHost>

sudo a2ensite 000-default-ssl.conf

#Apache neustarten
sudo service apache2 restart

lighttpd

Verbugged... Siehe Kommentar in lighttpd

#Zertifikat zusammenführen und ablegen
cat wac47.l11.key wac47.l11.crt >> wac47.l11.pem
sudo cp wac47.l11.pem /etc/lighttpd/

#HTTPS konfigurieren
sudo nano /etc/lighttpd/lighttpd.conf
        #In server.modules{} einfügen
        "mod_openssl",
        "mod_accesslog",

        $SERVER["socket"] == "192.168.7.47:443" {
                ssl.engine = "enable"
                ssl.pemfile = "/etc/lighttpd/wac47.l11.pem"
                #server.name = "example.com"
                server.document-root = "/var/www/html"
                server.errorlog = "/var/log/lighttpd/ssl-error.log"
                accesslog.filename = "/var/log/lighttpd/ssl-access.log"
        }

        $HTTP["scheme"] == "http" {
                url.redirect = ("" => "https://${url.authority}${url.path}${qsa}")
                url.redirect-code = 308
        }

#Syntax prüfen:
lighttpd -t -f /etc/lighttpd/lighttpd.conf

sudo systemctl restart lighttpd.service
sudo systemctl status lighttpd.service