Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL setup for Testing Purposes


rj122458

Recommended Posts

I don't know if this will help anyone or not, but I'll post it here in hopes that it does. I like many it sounds have been trying to test setup a site before I

munge a prodution server. I could get the site to come up with the standard http pages. But https would not produce a page at all.

Page not found is what I was getting.

 

The test bed is on FC4 running apache httpd-2.0.54-10.4, MySql-4.1.20-1.FC4.1, openssl-0.9.7f-7.10 and PHP-5.0.4-10.5

 

Now I'm no master at this so correct me someone if there is a better way. With that said here is what I did to make this work for me.

Your mileage may vary so keep that it mind.

My pages are served from a users www directory. This breaks the default cert and https from working on the server when your pages aren't being served from the default www directory for the virtual site.

 

So to fix that you have to create a privkey.pem file in the users directory. I created a cert dir and worked in it. I made sure that when I created the privkey

that I was the test account user. You can do that by su- testuser from root.

To create the privkey copy and past this: "openssl genrsa -out privkey.pem 2048" without the (") quotes. This will create "privkey.pem" file.

Then copy and paste this: "openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095" This creates "cacert.pem" a self signed cert to test with.

Then in your httpd.conf file you must add this: (Just copy and paste and then change to fit your setup)

<VirtualHost testuser.com:443> (Or the IP# of the site you're testing with)

SSLEngine On

SSLCertificateFile /home/testuser/cert/cacert.pem

SSLCertificateKeyFile /home/testuser/cert/privkey.pem

ServerAdmin [email protected]

DocumentRoot /home/testuser/www/

ServerName www.testuser.com

ErrorLog logs/testueser.com-error_log

CustomLog logs/testuser.com-access_log common

</VirtualHost>

 

Then either stop and start the httpd server or reload it. FC4 does it this way "service httpd reload" again don't type the quotes. At this point unless something else is in a state of fubar you should be able to point your brower to the site and the https pages should display. Even the ADMIN pages.

With the secured pad lock.

 

One other thing. If you have iptables installed on the test server make sure you open port 443 on it, or it WILL NOT WORK till you do.

 

Again I HOPE this HELPS somebody somewhere as I had racked my pea brain on it for days and could not find an answer anywhere here that helped.

And like I said I am NOT an expert at Linux, I know enough to be dangerous, but I've managed to stumble my way through it so far.

 

SSL Cert. links that helped me to understand and create the SSL files needed to test with.

http://www.openssl.org/docs/HOWTO/certificates.txt

http://www.openssl.org/docs/HOWTO/keys.txt

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...