Apache Http Secure Server Configuration - Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT Deployment Manual

Chapter 22. Apache HTTP Server
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common #</VirtualHost>
To activate name-based virtual hosting, uncomment the NameVirtualHost line by removing the
hash mark (#) and replace the asterisk (*) with the IP address assigned to the machine.
Next, configure a virtual host by uncommenting and customizing the <VirtualHost> container.
On the <VirtualHost> line, change the asterisk (*) to the server's IP address. Change the
ServerName to a valid DNS name assigned to the machine, and configure the other directives as
necessary.
The <VirtualHost> container is highly customizable and accepts almost every directive available
within the main server configuration.
Tip
If configuring a virtual host to listen on a non-default port, that port must be added to the
Listen directive in the global settings section of /etc/httpd/conf/httpd.conf file.
To activate a newly created virtual host, the Apache HTTP Server must be reloaded or restarted.
Section 22.3, "Starting and Stopping httpd"
Refer to
Comprehensive information about creating and configuring both name-based and IP address-based
virtual hosts is provided online at http://httpd.apache.org/docs/2.2/vhosts/.

22.8. Apache HTTP Secure Server Configuration

This section provides basic information on the Apache HTTP Server with the mod_ssl security
module enabled to use the OpenSSL library and toolkit. The combination of these three components
are referred to in this section as the secure Web server or just as the secure server.
The mod_ssl module is a security module for the Apache HTTP Server. The mod_ssl module uses
the tools provided by the OpenSSL Project to add a very important feature to the Apache HTTP
Server — the ability to encrypt communications. In contrast, regular HTTP communications between
a browser and a Web server are sent in plain text, which could be intercepted and read by someone
along the route between the browser and the server.
This section is not meant to be complete and exclusive documentation for any of these programs.
When possible, this guide points to appropriate places where you can find more in-depth
documentation on particular subjects.
This section shows you how to install these programs. You can also learn the steps necessary to
generate a private key and a certificate request, how to generate your own self-signed certificate, and
how to install a certificate to use with your secure server.
The mod_ssl configuration file is located at /etc/httpd/conf.d/ssl.conf. For this file to be
loaded, and hence for mod_ssl to work, you must have the statement Include conf.d/*.conf in
the /etc/httpd/conf/httpd.conf file. This statement is included by default in the default Apache
HTTP Server configuration file.
348
for further instructions.