Where is ssl conf file

Locate your ssl. Note: The defualt name of this file is httpd-ssl. You can simply copy the current one and rename it as ssl. Once the ssl. Also note that anything in bold should be changed to reflect your settings. It is sstrongly recommended that you backup and read through the entire configuration file before modifying it.

Once you have made the following changed and created a backup, save the ssl. Now you will want to locate your httpd. As far as making a script to install the cert automagically If you're sticking with one specific distro By default, however, most platforms still running apache Apache 2. As a good idea, I would highly suggest you standardize your environments as much as possible. Trying to support multiple environments with multiple types of configs and multiple versions of everything is an absolute nightmare.

Additionally, Apache 1 is beyond EoL. Sure, hotfixes might still be released I have yet to find anything that is only available in Apache 1. Apache 2 as been stable for 8 years now I doubt you can write a generic script that will apply accross all platforms there is too much variation, and for complex configurations your script almost certain to break things rather then be successful. There is not requirement for putting configuration related to ssl in the ssl.

On my hosts where I have about 30 virtual hosts, the ssl. Sign up to join this community. The best answers are voted up and rise to the top. The following sections highlight the most common situations which require further modification to the configuration. With more than a few certificates, the stapling cache size bytes in the example above may need to be increased.

Error message AH will be logged in case of an error storing a response. You can confirm that a server certificate points to an OCSP responder using the openssl command-line program, as follows:.

Note that firewall rules that control outbound connections from the web server may need to be adjusted. Several directives are available to handle timeouts and errors. In order to support OCSP Stapling when a particular server certificate is used, the certificate chain for that certificate must be configured. If it was not configured as part of enabling SSL, the AH error will be issued when stapling is enabled, and an OCSP response will not be provided for clients using the certificate.

When you know all of your users eg, as is often the case on a corporate Intranet , you can require plain certificate authentication. All you need to do is to create client certificates signed by your own CA certificate ca.

If a password is asked to enable the sudo user, you may contact your hosting provider or system administrator to get access. Alternatively, you can download the certificate files in your Account. The zip-archive will contain the Certificate for your domain name. These are known as a chain of intermediate and root Certificates. If you uploaded the intermediate Certificates separately onto your server, you will need to link them into a single CA-Bundle file.