This small guide describes a simple configuration to use SSL for Apache2 httpd on Debian GNU/Linux 3.1 (Sarge). At this point you should already have a running Apache2 on your Debian system. With some minor modifications you should be able to use this guide for any Apache2 running on any OS.
apache2-ssl-certificate.
It will create a private key and a matching self-signed certificate.
Else you should create a private key and a certificate yourself (it is recommended to create a certificate signing request and let a commercial CA sign it so browsers will trust the webserver by default).
See this list of SSL commands to do that./etc/apache2/sites-available/default in the same directory. Call it something like ssl.
/etc/apache2/sites-enabled/. Notice that this is already done for default.
Listen 443 directive to /etc/apache2/ports.conf/etc/apache2/sites-available/ssl:
NameVirtualHost *:443 <VirtualHost *:443> SSLEngine On SSLCertificateFile /etc/apache2/ssl/apache.pem ... </VirtualHost>If you are not using a self-signed certificate (which is highly recommended), then don't forget to add one of these lines so your webserver can send the full certificate chain to the client (this is usually required for a browser/client to trust the server):
SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt OR SSLCACertificatePath /full/path/to/apache/conf/certsnote: the correct Ben-SSL directive is
SSLCACertificateFile or SSLCACertificatePath
https://hostname/