The link above says to enable port 443 in /etc/apache2/nf, but mine already had it enabled with these lines: Save, close, then do: $ sudo a2ensite raspberrypi_orwhatever SSLCertificateKeyFile /etc/ssl/localcerts/apache.key To this (your new key location): SSLCertificateFile /etc/ssl/localcerts/apache.pem Then edit it: $ sudo nano raspberrypi_orwhateverĪnd change these two lines: SSLCertificateFile /etc$ rw-r-r- 1 root root 7461 Mar 18 14:51 default-sslĬopy the default-ssl to a new file named the same name as your FQDN name above – for this example: $ sudo cp default-ssl raspberrypi_orwhatever For me, it looked like this: -rw-r-r- 1 root root 692 default
Now you need to edit the ssl configuration file in the /etc/apache2/sites-available directory. I think my ssl file already existed in /etc/apache2/sites-available. If you get a “not found” error, try: sudo a2ensite default-ssl Then chmod those files: $ sudo chmod 600 /etc/ssl/localcerts/apache* server FQDN or YOUR name) :raspberrypi_orwhateverĮmail Address that is done, you will have two new files in this directory: /etc/ssl/localcerts Organizational Unit Name (eg, section) :SysOpsProgFestĬommon Name (e.g. Organization Name (eg, company) :PaynsName State or Province Name (full name) :California That server name is mapped to an internal IP, like 192.168.1.11 or something. For me, since I’m just running it locally, that would be the server name, like “raspberrypi” – if you kept the default. the FQDN name is the name of your Apache web server. This is where I effed up, so don’t you do it too. Next, you will enter the answers to the following questions. The result of this command is: Generating a 2048 bit RSA private key $ sudo openssl req -new -x509 -days 365 -nodes -out /etc/ssl/localcerts/apache.pem -keyout /etc/ssl/localcerts/apache.key The cert is good for 365 days – you can change that. The next line starts the certificate generation. You won’t put these certs there.Ĭreate a new directory for local certificates ( -p means no error if existing, make parent directories as needed): $ sudo mkdir -p /etc/ssl/localcerts Your external certs are installed in /etc/ssl/certs. DoneĠ upgraded, 0 newly installed, 0 to remove and 4 not upgraded. If it is already installed, like it was on mine, then you will see: Reading package lists.
#Download apache web server raspberry pi install#
Then make sure Apache and OpenSSL is installed: $ sudo apt-get install apache2 openssl
#Download apache web server raspberry pi update#
Running Wheezy on a Raspberrry Pi B v1.Īs usual, update first. I followed these directions but invariably encountered problems that were not addressed. Note that this enables only “self-signed” certificates.