From: Will Budicm Date: Wed, 12 Aug 2020 03:19:13 +0000 (+1000) Subject: Enabling HTTPS X-Git-Url: https://lifelog.hopto.org/gitweb/?a=commitdiff_plain;h=3309ccbaece99cb71f8438109d92c8df58fd64c8;p=LifeLog.git Enabling HTTPS --- diff --git a/Installation_LightHTTPD.txt b/Installation_LightHTTPD.txt new file mode 100644 index 0000000..1e851cc --- /dev/null +++ b/Installation_LightHTTPD.txt @@ -0,0 +1,48 @@ +# Compile/Install LightHTTPD with SSL Support + +sudo apt install libssl-dev +./configure --prefix=/usr/local/lighttpd --with-openssl --with-sqlite +make +sudo make install + +#check SSL enabled with: +lighttpd -V + +## Create Selfsigned SSL Certificate + +openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \ + -keyout elite.key -out elite.crt -subj "/CN=elite.net" \ + -addext "subjectAltName=DNS:elite.net,DNS:www.elite.net,IP:192.168.1.45" + +cat elite.key elite.crt > elite.net.pem + +## Setup virtual Host with SSL + +To set up Virtual Host with SSL, edit lighttpd config file /etc/lighttpd/lighttpd.conf with the following values. + +#Add "mod_openssl" to server module list. +server.modules = ( "mod_access", + "mod_setenv", + ... + "mod_openssl" +) + + +$SERVER[“socket”] == “:443” { + +ssl.engine = “enable” +ssl.pemfile = “/etc/lighttpd/ssl/elite.net.pem” + +# ssl.ca-file = “/etc/lighttpd/ssl/CA_issuing.crt” + +server.name = “elite.net” +server.document-root = “/sites/vhosts/elite.net/public” +server.errorlog = “/var/log/lighttpd/elite.net.error.log” +accesslog.filename = “/var/log/lighttpd/elite.net.access.log” + +} + +## Start "lighty" with -D option for interactive console trouble shooting and testing. + +lighttpd -D -f ~/dev/LifeLog/lighttpd.conf + diff --git a/lighttpd.conf b/lighttpd.conf index dcb8225..a117e4a 100644 --- a/lighttpd.conf +++ b/lighttpd.conf @@ -1,4 +1,4 @@ -server.document-root = "/home/will/dev/lighttpd/LifeLog/htdocs" +server.document-root = "/home/will/dev/LifeLog/htdocs/cgi-bin" server.port = 3000