Monday, January 28, 2013

Enabled https on the AMI web server

Yesterday I pointed out that my web server was not listening on the secure https port, port 443.  That was written up in this article:  http://mystry-geek.blogspot.com/2013/01/got-web-server-up-and-running-in-cloud.html Today I got the Apache server to listen to this port and respond using the SSL protocol, it was as easy as typing:


sudo yum install mod_ssl 

sudo /etc/init.d/httpd restart

and the web server was responding on port 443 the same as it did on port 80.

Unfortunately the firefox browser responded with this warning:



 And Google Chrome marked the connection like this:


This is because I do not have a security certificate for the web site. 

The way this works is that there are root certifying authorities that will sign a certificate for you with your host name embedded in the certificate.  It can only be used for that one web site.  If you use the certificate on the wrong web site, sign your own certificate, or just do not have a certificate, then browsers will complain about the website is not to be trusted and nobody will buy anything from your e-commerce web site.

 The process of creating a secure certificate for use on the LAMP server is detailed here: http://www.apache.com/resources/how-to-setup-an-ssl-certificate-on-apache/

Searching for the cheapest possible cert for this testing web site I found that there are several sites that will give free certificates that are acceptable for a testing website.

http://webdesign.about.com/od/ssl/tp/cheapest-ssl-certificates.htm

I decided to try out this one: http://www.startssl.com/ 

Well, I followed all the things it said to do, which is way too involved to go into in this document, and got a few files which I believe are my web certificate.  I am going to quit for the day and check this all out tomorrow.

No comments:

Post a Comment