mod_ssl
mod_ssl provides strong cryptography for the Apache v1.3 and v2 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) cryptographic protocols by the help of the Open Source SSL/TLS toolkit OpenSSL.[1]
It is possible to provide HTTP and HTTPS with a single server machine, because HTTP and HTTPS use different server ports, so there is no direct conflict between them. Either run two separate Apache server instances (one binds to port 80, the other to port 443) or even use Apache's virtual hosting facility where you can create two virtual servers which Apache dispatches: one responding to port 80 and speaking HTTP and one responding to port 443 speaking HTTPS.[1]
Documentation
- Apache 2.4 [EN]
Hint
- Use certification chaining
cd '/etc/pki/CA/'
cat 'cacert-class1.crt' 'cacert_class3.crt' > 'cacert_class1-3.crt'
Edit the file /etc/httpd/conf.d/ssl.conf and add the following line
SSLCACertificateFile /etc/pki/CA/cacert_class1-3.crt
Examples
LoadModule ssl_module modules/mod_ssl.so
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [redirect=permanent,last]