/
(v1) Install Apache
Document toolboxDocument toolbox

(v1) Install Apache

Owned by David Engblom
Apr 16, 2024

  1. Install the service

    yum -y install httpd

  2. Enable the Service

    systemctl enable httpd

  3. Create SSL Certificates

    ######################
# CENTOS
# Generate Test Certificate
# Generate Key
openssl genrsa -des3 -out /etc/pki/tls/private/pcr360_test.key 4096  
# Remove the passcode from the key. This prevents needing to enter the passcode every time Apache is restarted
openssl rsa -in /etc/pki/tls/private/pcr360_test.key -out /etc/pki/tls/private/pcr360_test.key
# Generate Certificate Signing Request
openssl req -new -sha256 -key /etc/pki/tls/private/pcr360_test.key -out pcr360_test.csr
# Generate Certificate 
# This is only needed if setting up a self-signed certificate
# In most cases, the CSR needs to go to the customer to get the signed certificate
openssl x509 -sha256 -req -days 365 -in pcr360_test.csr -signkey  /etc/pki/tls/private/pcr360_test.key -out /etc/pki/tls/certs/pcr360_test.crt

# Generate Production Certificate
# Generate Key
openssl genrsa -des3 -out /etc/pki/tls/private/pcr360_prod.key 4096  
# Remove the passcode from the key. This prevents needing to enter the passcode every time Apache is restarted
openssl rsa -in /etc/pki/tls/private/pcr360_prod.key -out /etc/pki/tls/private/pcr360_prod.key
# Generate Certificate Signing Request
openssl req -new -sha256 -key /etc/pki/tls/private/pcr360_prod.key -out pcr360_prod.csr
# Generate Certificate 
# This is only needed if setting up a self-signed certificate
# In most cases, the CSR needs to go to the customer to get the signed certificate
openssl x509 -sha256 -req -days 365 -in pcr360_prod.csr -signkey  /etc/pki/tls/private/pcr360_prod.key -out /etc/pki/tls/certs/pcr360_prod.crt

######################
# UBUNTU
# Generate Test Certificate
# Generate Key
openssl genrsa -des3 -out /etc/ssl/private/pcr360_test.key 4096  
# Remove the passcode from the key. This prevents needing to enter the passcode every time Apache is restarted
openssl rsa -in /etc/ssl/private/pcr360_test.key -out /etc/ssl/private/pcr360_test.key 
# Generate Certificate Signing Request
openssl req -new -sha256 -key /etc/ssl/private/pcr360_test.key -out pcr360_test.csr
# Generate Certificate 
# This is only needed if setting up a self-signed certificate
# In most cases, the CSR needs to go to the customer to get the signed certificate
openssl x509 -sha256 -req -days 365 -in pcr360_test.csr -signkey  /etc/ssl/private/pcr360_test.key -out /etc/ssl/certs/pcr360_test.crt

# Generate Production Certificate
# Generate Key
openssl genrsa -des3 -out /etc/ssl/private/pcr360_prod.key 4096 
# Remove the passcode from the key. This prevents needing to enter the passcode every time Apache is restarted
openssl rsa -in /etc/ssl/private/pcr360_prod.key -out /etc/ssl/private/pcr360_prod.key
# Generate Certificate Signing Request (CSR)
openssl req -new -sha256 -key /etc/ssl/private/pcr360_prod.key -out pcr360_prod.csr
# Generate Certificate 
# This is only needed if setting up a self-signed certificate
# In most cases, the CSR needs to go to the customer to get the signed certificate
openssl x509 -sha256 -req -days 365 -in pcr360_prod.csr -signkey  /etc/ssl/private/pcr360_prod.key -out /etc/ssl/certs/pcr360_prod.crt

  4. Install SSL Mod

     yum -y install mod_ssl mod_headers mod_http2

  5. Restart Apache

    systemctl restart httpd

Related content

Install Apache
Install Apache
PCR-360 Wiki
More like this
Install Apache
Install Apache
PCR-360 (Cloud-Archive)
More like this
(2024.1) Install Apache
(2024.1) Install Apache
PCR-360 Wiki
More like this
(v1) Setting up Bypass VHOSTs & URLs
(v1) Setting up Bypass VHOSTs & URLs
PCR-360 (Cloud-Archive)
More like this
Setting up Bypass VHOSTs & URLs
Setting up Bypass VHOSTs & URLs
PCR-360 (Cloud-Archive)
More like this
Setting up Bypass VHOSTs & URLs
Setting up Bypass VHOSTs & URLs
PCR-360 Wiki
More like this

Help Desk Portal - Email: help@pcr.com - Phone: 616.259.9242