IMPORTANT: Per accedir als fitxer de subversion: http://acacha.org/svn (sense password). Poc a poc s'aniran migrant els enllaços. Encara però funciona el subversion de la farga però no se sap fins quan... (usuari: prova i la paraula de pas 123456)

Servidor_de_comunicacions_Institut_les_Planes

Certificat SSL

  • Primer que tot comprovem el port 443 que és el que fa servir https amb la següent comanda:
cat /etc/services | grep http
# Updated from http://www.iana.org/assignments/port-numbers and other
# sources like http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/services .
www		80/tcp		http		# WorldWideWeb HTTP
https		443/tcp				# http protocol over TLS/SSL
https		443/udp
http-alt	8080/tcp	webcache	# WWW caching service
http-alt	8080/udp			# WWW caching service
  • Després de comprovar el port, executarem les 2 comandes següents:
a2enmod ssl
a2ensite default-ssl
  • Un cop executades, reiniciarem el servei apache:
/etc/init.d/apache2 reload
  • Finalment, introduïrem la @IP o localhost a la URL amb https.

Ssl22.png

Per crear el certificat

  • Per crear el certificat executarem les comandes següents:
  • Crearem la carpeta de ssl
mkdir /etc/apache2/ssl
  • Entrarem dintre per crear el certificat
cd /etc/apache2/ssl
  • Crearem el certificat
openssl req -new -x509 -nodes -out certificat.pem -keyout certificat.pem -days 365
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC6o/r8z/zcuZ6nCYFw1wcoaf77LCDbwcU7SK02g1/KmD/rWs5Y
HP6gBbE8TVz8SUxBAZwHiVyBxNaX+7wW7uHXKy+uyV/5ew1BuZtlyHJhIJTz7uWw
lx4q7n0epKJaDU7Df32EQXlkPQQysAnzhd/eJtfscq10jrQ8VHCzL7iOuwIDAQAB
AoGAd4ZgS9sewnQVCD/sJ0ltihInes8N0+5J0ud+FfUYOXQ7KwwiLQeUgQJkOIwK
yn5eWRsgwyrSlUBrdTV/hOhCtCFMhkN8yIVvvkjqGO6Ok1J3PuARrJKu6lX/5hjq
YKpsjbMaIS7I+ovqpOy3jIpQdOEB/+ZTRVZkT2KlJiJ2eYECQQD1xpACmYgwsTRd
LDpD2qT10B0VA+nyQ46uvDOYwqDEOUjGZyo77FWNmhFAFj9Yc4wrIJ7S5lv+3miz
CCiuw2bhAkEAwmelk9MwzeCfW2H+7Qhxr0XmBNT5n0gzn4pKIlRpXRuHiMRxzfVT
8l5grosKD4Evj3eeL4N9dqJGNi+5gnRVGwJBAN7QMsKImhU6sXQ+olvdnmtTTuo8
cB037eSvrj8xQzphjH6CDKHisfT71eO5x5fSuSJoIlSkjoZS76xPG0LE10ECQF11
3Mlzp6viiFozg45LF/SOoyXBifyEhqT1o+xbLohfmsoqvxeoEOKdcteW6pBHqCjN
9hOboG6vVxfn28SWzu8CQEYVCYNL1U0l0+9pBlxP7LT/uCtC39nKAqtbgQoY0+K1
BwIzgp0XeiHhM4RQ2omoNda2d0nWhjBo3b/JJZxtCmQ=
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDwjCCAyugAwIBAgIJAMSrCnnTn/s+MA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD
VQQGEwJFUzEMMAoGA1UECBMDQ0FUMRIwEAYDVQQHEwlTdEJhcmJhcmExFTATBgNV
BAoTDElOU0xlc1BsYW5lczENMAsGA1UECxMEMlNNWDESMBAGA1UEAxMJc3RiYXJi
YXJhMTIwMAYJKoZIhvcNAQkBFiNpbnNsZXNwbGFuZXMuc2FudGFiYXJiYXJhQGdt
YWlsLmNhdDAeFw0xMTA1MjMxNDMyNTlaFw0xMjA1MjIxNDMyNTlaMIGdMQswCQYD
VQQGEwJFUzEMMAoGA1UECBMDQ0FUMRIwEAYDVQQHEwlTdEJhcmJhcmExFTATBgNV
BAoTDElOU0xlc1BsYW5lczENMAsGA1UECxMEMlNNWDESMBAGA1UEAxMJc3RiYXJi
YXJhMTIwMAYJKoZIhvcNAQkBFiNpbnNsZXNwbGFuZXMuc2FudGFiYXJiYXJhQGdt
YWlsLmNhdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuqP6/M/83LmepwmB
cNcHKGn++ywg28HFO0itNoNfypg/61rOWBz+oAWxPE1c/ElMQQGcB4lcgcTWl/u8
Fu7h1ysvrslf+XsNQbmbZchyYSCU8+7lsJceKu59HqSiWg1Ow399hEF5ZD0EMrAJ
84Xf3ibX7HKtdI60PFRwsy+4jrsCAwEAAaOCAQYwggECMB0GA1UdDgQWBBTjGmPT
wuhl64GQ5UntHPPtOkdiYjCB0gYDVR0jBIHKMIHHgBTjGmPTwuhl64GQ5UntHPPt
OkdiYqGBo6SBoDCBnTELMAkGA1UEBhMCRVMxDDAKBgNVBAgTA0NBVDESMBAGA1UE
BxMJU3RCYXJiYXJhMRUwEwYDVQQKEwxJTlNMZXNQbGFuZXMxDTALBgNVBAsTBDJT
TVgxEjAQBgNVBAMTCXN0YmFyYmFyYTEyMDAGCSqGSIb3DQEJARYjaW5zbGVzcGxh
bmVzLnNhbnRhYmFyYmFyYUBnbWFpbC5jYXSCCQDEqwp505/7PjAMBgNVHRMEBTAD
AQH/MA0GCSqGSIb3DQEBBQUAA4GBAAhVDeE8Vy/YHOOwCeVCDUPuB+KNUSzil99G
sJop0t04SavTy2Dwx26g4xcEn9BsbgjevSV0j5zsRQ49XzwwhgJJ911juJI5dW16
mmEMxAtWG1aUujm0+MOXeZ6zrMp+K0Dj8XjRWn/jH8SPW75d7gpvihU51xQUotU2
rkA+EW4Z
-----END CERTIFICATE-----
  • Ara cal configurar Apache per tal d'utilitzar el certificat: Editarem el següent fitxer (i canviarem les següents linies)
[email protected]:/etc/apache2/sites-available$ sudo nano default-ssl
  • Estes:
SSLCertificateFile    /etc/apache2/ssl/cert/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/apache2/ssl/privat/ssl-cert-snakeoil.key
  • Per aquestes:
SSLCertificateFile    /etc/apache2/ssl/certificat.pem
SSLCertificateKeyFile /etc/apache2/ssl/certificat.pem

Ssl2asdas.png

Enllaços externs

Configuració certificat SSL