Difference between revisions of "Apache 2 - SSL certificates page"
Line 74: | Line 74: | ||
Go to 'https://myServer/ssl' >> As the certificate is not installed yet you'll see the following alert: | Go to 'https://myServer/ssl' >> As the certificate is not installed yet you'll see the following alert: | ||
− | [[File:SSL_security_alert_1.png| | + | [[File:SSL_security_alert_1.png|500px|SSL non secure website (1)]] |
''Example of alert on Google chrome (click “proceed anyway”)'' | ''Example of alert on Google chrome (click “proceed anyway”)'' | ||
Line 84: | Line 84: | ||
You can also check the URL bar: | You can also check the URL bar: | ||
− | [[File:SSL_security_alert_2.png| | + | [[File:SSL_security_alert_2.png|600px|SSL non secure website (2)]] |
Line 117: | Line 117: | ||
Restart Google Chrome | Restart Google Chrome | ||
− | Check result | + | |
− | After Google Chrome restart, go back to https://myServer/ | + | |
+ | |||
+ | ==Check result== | ||
+ | |||
+ | After Google Chrome restart, go back to 'https://myServer/ssl' | ||
+ | |||
+ | |||
+ | Notice the URL bar: | ||
+ | |||
+ | [[File:SSL_OK.png|600px|SSL OK]] | ||
+ | |||
+ | |||
Everything is OK now! | Everything is OK now! |
Revision as of 14:53, 8 June 2014
Contents
Setup website to send local CA and server certificates
This required to have a secure web server up and running.
- See SSL server
- See Apache 2
Preparation
Create dedicated folder
mkdir -p /var/www/myServer/ssl
touch /var/www/myServer/ssl/index.html
Create Web page
<html>
<head>
<title>Certificates list</title>
</head>
<body>
<h1>Certificates list</h1>
<hr/>
<h2>Certification Authority</h2>
<p>
Authority of certification:
<a href="https://serverURL/ssl/cacerts.pem ">root certificate</a>
</p>
<h2>Servers certificates</h2>
<p>Click on the following links to download sub-servers certificates</p>
<ul>
<li>
<a href=" https://serverURL/sslserverName.p12">my server</a>
</li>
</ul>
</body>
</html>
Copy files
cp /srv/ssl/cacerts.pem /var/www/myServer/ssl/
cp /srv/ssl/export/serverName.p12 /var/www/myServer/ssl/
Update rights
chown -R www-data:www-data /var/www/myServer/ssl
chmod 755 -R /var/www/myServer/ssl
Installation on client computer
Access SSL page
Go to 'https://myServer/ssl' >> As the certificate is not installed yet you'll see the following alert:
Example of alert on Google chrome (click “proceed anyway”)
=>For now this website is presume to be non-secured.
You can also check the URL bar:
Download file
Download the Authority of certification file:
Installation (Google Chrome)
Go to Google Chrome > Settings > Show advanced settings > HTTPS/SSL
- Enable “check for server certificate revocation”
- Click on manage certificates...
Now you should have a new screen. Click on “Trusted root Certification Authorities” > Import...
Choose the file to import (myCA.pem)
- .pem are not displayed by default, but they can be used
- Trust the certificates
Restart Google Chrome
Check result
After Google Chrome restart, go back to 'https://myServer/ssl'
Notice the URL bar:
Everything is OK now!