
Set up Ubuntu Apache2 SSL using .pem and .key from Cloudflare

I am using Cloudflare to set up a secure connection on Ubuntu 20 using Apache2. I used their Origin Server wizard to generate the following files:

example.com.pem (Origin Certificate)

example.com.key file (Private key)

I gave them the extensions suggested by Cloudflare.

I ran this:

sudo a2enmod ssl
sudo systemctl restart apache2

This is my setup:

<VirtualHost *:443>
    ....
    SSLEngine on
    SSLCertificateFile /path/example.com.pem
    SSLCertificateKeyFile /path/example.com.key
</VirtualHost>

The non-secure site works fine (I haven't pointed it to the secure yet), but I still get error 525 (SSL handshake failed) when I try to access the secure site. (I got a website down error before running the sudo a2enmod ssl command)

I tried to see if it was set up ok:

apachectl configtest

It just says "Syntax OK"

(Edit: I removed the wrong stuff I tried - which I now know is wrong - to simplify the question.)

With Max Ivanov's comment answer, this worked:

Generate the files

Use Cloudflare's Origin Server wizard to generate the following files:

example.com.pem (Origin Certificate)

example.com.key file (Private key)

I gave them the extensions suggested by Cloudflare.

Copy to Ubuntu

Copy the files to Ubuntu. A good spot is /etc/ssl

Add path to your .conf files

These files are in /etc/apache2/sites-available

You can use the default files or create your own specific for your site. I have example.com.conf and example.com-ssl.conf

Add the path to the two copied files to the secure version (example.com-ssl.conf)

<VirtualHost *:443>
    ....
    SSLEngine on
    SSLCertificateFile /path/example.com.pem
    SSLCertificateKeyFile /path/example.com.key
</VirtualHost>

Tell Ubuntu to use it

If you created your own conf files, then you'll need to add them to sites-available, which you do like this:

sudo a2ensite example.com.conf
sudo a2ensite example.com-ssl.conf

You may also need to remove the default ones, depending on your use case. There's a command somewhere for that...

You also need to run

sudo a2enmod ssl
sudo systemctl restart apache2

Set Cloudflare to strict

In the dashboard, set the SSL to strict.
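
A pre-flight check for the two files before restarting Apache, as an added example that is not part of the original answer: it confirms that the certificate and private key belong together, that the certificate has not expired, and that the key file is readable by its owner only. The function names and the throwaway test pair are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original answer): sanity-check the certificate
# and key before naming them in SSLCertificateFile / SSLCertificateKeyFile.
# Function names are hypothetical; requires openssl and GNU stat (Ubuntu).

# check_pair CERT KEY -> prints a verdict; returns 0 only if all checks pass.
check_pair() {
    local cert=$1 key=$2 cert_pub key_pub mode
    # Public key embedded in the certificate (PEM SubjectPublicKeyInfo).
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) \
        || { echo "cannot parse certificate: $cert"; return 2; }
    # Public key derived from the private key, in the same encoding.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) \
        || { echo "cannot parse private key: $key"; return 2; }
    if [ -z "$cert_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
        echo "certificate and key do not belong together"; return 1
    fi
    # -checkend 0 fails if the certificate has already expired.
    openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1 \
        || { echo "certificate has expired"; return 3; }
    # The private key should be readable by its owner only.
    mode=$(stat -c '%a' "$key")
    case "$mode" in
        600|400) ;;
        *) echo "key mode $mode is too permissive (want 600)"; return 4 ;;
    esac
    echo "ok"
}

# make_test_pair DIR NAME -> writes a throwaway self-signed pair
# (constructed sample data, valid for one day) to DIR/NAME.pem and DIR/NAME.key.
make_test_pair() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.pem" >/dev/null 2>&1 \
        && chmod 600 "$1/$2.key"
}

# Stand-alone use: ./check_pair.sh /path/example.com.pem /path/example.com.key
if [ "$#" -eq 2 ]; then
    check_pair "$1" "$2"
fi
```

A non-zero return identifies which check failed: 1 for a mismatched pair, 2 for an unreadable file, 3 for an expired certificate, 4 for a key file with loose permissions.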
