Table of Contents
Webserver config
Ubuntu Apache Config
Apache enable site config
This config is from Ubuntu sites-available dir (/etc/apache2/sites-available), you will need to enable this with a2ensite xxxx-sitename
root:/opt/webca# cat /etc/apache2/sites-available/webCA
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName ca.xxxx.int
DocumentRoot /opt/webca/webroot/https/
<Directory />
Options FollowSymLinks +Includes
AllowOverride None
</Directory>
<Directory /opt/webca/webroot/https/>
Options Indexes FollowSymLinks MultiViews +Includes
AllowOverride None
Order allow,deny
allow from all
DirectoryIndex index.html
</Directory>
ScriptAlias /cgi-bin/ /opt/webca/webroot/cgi-bin/
<Directory "/opt/webca/webroot/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /opt/webca/webroot/logs/webCA-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /opt/webca/webroot/logs/webCA-access.log combined
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /opt/webca/ca-xxxx-int.cert
SSLCertificateKeyFile /opt/webca/ca-xxxx-int.key
#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
#SSLCARevocationPath /etc/apache2/ssl.crl/
#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
root:/opt/webca#
Centos Apache config
Not uploaded yet, but will be mostly the same, ie. ssl based virtual host with SNI.
