1 / 9

HTTPS/SSL

HTTPS/SSL. Oleh: Idris Winarno. Persiapan. Pastikan repository debian # vim /etc/apt/sources.list deb http://kebo.vlsm.org/debian etch main contrib non-free # apt-get update. Installasi DNS Server. Materi dapat di download di: http://kebo.vlsm.org/~idris/file/admin_jarkom/DNSserver.pdf

najwa
Download Presentation

HTTPS/SSL

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HTTPS/SSL Oleh: Idris Winarno

  2. Persiapan • Pastikan repository debian # vim /etc/apt/sources.list deb http://kebo.vlsm.org/debian etch main contrib non-free # apt-get update

  3. Installasi DNS Server • Materi dapat di download di: http://kebo.vlsm.org/~idris/file/admin_jarkom/DNSserver.pdf • Tambahkan subdomain ssl # vim /var/cache/bind/(nama file)

  4. Installasi Web Server • Materi dapat di download di: http://kebo.vlsm.org/~idris/file/admin_jarkom/P1%20-%20Apache.pdf • Tambah kan port 443 # vim /etc/apache2/ports.conf • Tambahkan namevirtual # vim /etc/apache2/conf.d/virtual NameVirtualHost *:80 NameVirtualHost *:443 • Hapus NameVirtualHost yang ada di /etc/apache2/sites-enables/000-default • Aktikan module ssl # a2enmod ssl # /etc/init.d/apache2 restart

  5. Installasi Certificate • Installasi: # apt-get install openssl ssl-cert

  6. Pebuatan Certificate • Buat folder untuk meletakkan cert # mkdir /etc/apache2/ssl # cd /etc/apache2/ssl • Membuat cert # openssl req –new > domainku.csr # openssl rsa –in privkey.pem –out domainku.key # openssl x590 –in domainku.csr –out domainku.cert –req –signkey domainku.key –days 365

  7. Generating a 1024 bit RSA private key ...........++++++ ...............++++++ writing new private key to 'privkey.pem' Enter PEM pass phrase: Verifying - Enter PEM pass phrase: ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:ID State or Province Name (full name) [Some-State]:East Java Locality Name (eg, city) []:Surabaya Organization Name (eg, company) [Internet Widgits Pty Ltd]:PENS-ITS Organizational Unit Name (eg, section) []:UPT Jaringan Common Name (eg, YOUR name) []:domainku.com Email Address []:idris@eepis-its.edu Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:my pass An optional company name []:PENS-ITS

  8. Integrasi cert di apache • Edit sites-enabled # vim /etc/apache2/sites-enabled/000-default <VirtualHost *:443> SSLEngine On SSLCertificateFile /etc/apache2/ssl/domainku.cert SSLCertificateKeyFile /etc/apache2/ssl/domainku.key ServerName ssl.domainku.com ServerAdmin idris@eepis-its.edu DocumentRoot /var/www/ <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all # This directive allows us to have apache2’s default start page # in /apache2-default/, but still have / go to the right place # RedirectMatch ^/$ /apache2-default/</Directory> </VirtualHost>

  9. Testing • Restart server apache2 # /etc/init.d/apache2 restart • Buka web browser dan akses https://ssl.domainku.com • Cek certificate yang ada di browser

More Related