Skip navigation

Harald Markus Wirth

Page Content:

Configuring Apache to use SSL (Port 443) and redirect https

After creating a SSL certificate, I had to invite Apache to the party. My vhost configuration looks roughly like this:

# This may be needed on another server one day:
#LoadModule ssl_module modules/

# According to Stack Overflow, we HAVE to use "NameVirtualHost IP:443", but I didn't need it:


	DocumentRoot /srv/www/
	CustomLog    /srv/www/ common
	ErrorLog     /srv/www/

	# This alias keeps the document root clean (This is not really part of the web site)
	Alias /srv/www/ /srv/www/
	Alias /srv/www/ /srv/www/

	# emerg/alert/crit/error/warn/notice/info/debug/trace1/.../trace8
	LogLevel warn

	# Make sure, Apache can access the following files:
	SSLEngine On
	SSLCertificateFile      "/srv/www/"
	SSLCertificateKeyFile   "/srv/www/"
	SSLCertificateChainFile "/srv/www/"

	<Directory /srv/www/>
		Options +FollowSymLinks +Indexes
		AllowOverride All
		Order allow,deny
		Allow from all
		Require all granted

		#<FilesMatch "\.php[345]?$">
		#	SetHandler php-fcgi

	Redirect permanent /

On a server, that has ISPConfig installed, I had to comment out "Alias /.well-known/acme-challenge/ /usr/local/ispconfig/interface/acme/.well-known/acme-challenge/" in /etc/apache2/sites-enabled/000-ispconfig.conf in order to get past ISPConfig's stubborness and let everyone access this folder in MY document_root. Users have no access to ISPCongigs' folder!?

Content Management:

μCMS α1.6