This is some text from an external source....
Just to get the brain going.
Configure Apache/SSL
mkdir /usr/local/htdocs/secure mkdir /usr/local/htdocs/secure/myhost.mydomain
#Now make changes in ssl.conf
#Look for similar lines and make sure it looks like this:
<VirtualHost _default_:443> # General setup for the virtual host DocumentRoot "/usr/local/htdocs/secure/myhost" ServerName myhost.mydomain:443 ServerAdmin me@myhost.mydomain ErrorLog logs/error_log TransferLog logs/access_log #This is dangerous I just realized (01-02-2004) #It causes a loop in redirection. I've only noticed #the problem when still using localhost. #The URL gets the domain appended in recursive fashion #Get your site up first by leaving it commented out. #You can try adding it later if you need it. #Redirect / https://myhost.mydomain/mywebapp # Static files Alias /mywebapp "/usr/local/tomcat/webapps/mywebapp" <Directory "/usr/local/tomcat/webapps/mywebapp"> Options Indexes FollowSymLinks DirectoryIndex index.jsp </Directory> # Deny direct access to WEB-INF and META-INF <Location "/mywebapp/WEB-INF/*"> AllowOverride None deny from all </Location> <Location "/mywebapp/protected_area/*"> AllowOverride None deny from all </Location>
Create SSL Certificate
Someone else outlined this in his install document and has some info on other packages such as Oracle, JFreeChart, and iText
Please see http://myweb.cableone.net/kdubuisson/Install.PDF
cd /usr/local/ssl/bin ./openssl genrsa -out myhost.mydomain.key 1024 ./openssl req -new -key myhost.mydomain.key -out myhost.mydomain.csr
#Answer the questions you are prompted with
./openssl x509 -days 365 -req -in myhost.mydomain.csr \ -signkey myhost.mydomain.key -out myhost.mydomain.cert
#For 1 year
cp myhost.mydomain.* /usr/local/apache2/conf
#copy them over
#edit http.conf file
SSLCeritifcateFile /usr/local/apache2/conf/myhost.mydomain.cert SSLCertificateKeyFile /usr/local/apache2/conf/myhost.mydomain.key