SlideShare a Scribd company logo

Making the secure communication between Server and Client with https protocol

Download as PPT, PDF
A
Armenuhi Abramyan

This document discusses how to configure Apache HTTP Server 2.2.14 to enable secure communication using HTTPS. It describes generating a private key and self-signed certificate for the server, configuring the Apache modules for SSL and rewrite, and testing that web pages under the /b directory are only accessible via HTTPS and redirect HTTP requests to HTTPS.

Technology
Related topics:
Information Security
1 of 18
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Making the secure communicationMaking the secure communication between Server and Client withbetween Server and Client with https protocolhttps protocol Armenian e-Science Foundation (ArmeSFo) 49 Komitas Ave, 0051 Yerevan Armenia http://www.escience.am/ Armenuhi Abramyan, Hayk Haroyan {armabram, hharoyan}@mail.yerphi.am
Content 1.1. Secure Socket Layer (SSL)Secure Socket Layer (SSL) 2.2. How SSL worksHow SSL works 3.3. Installing theInstalling the Apache 2.2.14Apache 2.2.14 server withserver with sslssl andand rewriterewrite modulesmodules 4. Configuring Apache for enabling module ssl 5.5. Creating the private key and self-signed certificate for serverCreating the private key and self-signed certificate for server 6.6. Starting the apache serverStarting the apache server 7. Testing the secure communication 8. Configuring Apache for enabling module rewrite and making some (b) directory of web site under https protocol 9. Restarting the apache server, and trying to open any web page under b directory with http protocol
SSL is the transaction security protocol used by websites to protect online communications. The most common use of SSL is to provide protection for confidential data, such as personal details or credit card information, entered into a website. Secure Socket Layer (SSL)Secure Socket Layer (SSL)
How SSL works
Installing the Apache 2.2.14 server with ssl and rewrite modulesInstalling the Apache 2.2.14 server with ssl and rewrite modules $> tar -xvzf httpd-2.2.14.tar.gz $> ./configure --prefix=/usr/local/httpd-2.2.14 --enable-modules='rewrite ssl‘ $> make #> make install 1. Download the latest version of Apache server from www.apache.org 2. Install the Apache server by using the following commands:
#> vi /usr/local/httpd-2.2.14/conf/httpd.conf Configuring Apache for enabling module ssl 1. Edit the apache config file (/usr/local/httpd-2.2.14/conf/httpd.conf) # Secure (SSL/TLS) connections Include conf/extra/httpd-ssl.conf 2. Uncomment the line of including the ssl config file then save and Quit (ESC+:wq) #> cd /usr/local/httpd-2.2.14/conf/ #> vi extra/httpd-ssl.conf 3. Edit the ssl config file (/usr/local/httpd-2.2.14/conf/extra/httpd-ssl.conf) Listen 443 SSLCertificateFile "/usr/local/httpd-2.2.14/conf/server.crt" SSLCertificateKeyFile "/usr/local/httpd-2.2.14/conf/server.key"
Step 1: Generate a Private Key #> openssl genrsa -des3 -out server.key 1024 Enter PEM pass phrase: //Type your password Verifying password - Enter PEM pass phrase: //Retype your password Note: Use the following command to remove the pass-phrase from the key #> cp server.key server.key.withpass #> openssl rsa -in server.key.withpass -out server.key
Step 2: Generate a CSR (Certificate Signing Request) #> openssl req -new -key server.key -out server.csr Enter pass phrase for server.key: //Type your private key password Country Name (2 letter code) [GB]:AM State or Province Name (full name) [Berkshire]: . Locality Name (eg, city) [Newbury]: . Organization Name (eg, company) [My Company Ltd]: . Organizational Unit Name (eg, section) []: . Common Name (eg, your name or your server's hostname) []: na601.yerphi.am Email Address []: //Press Enter Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: //Press Enter An optional company name []: //Press Enter
Step 3: Generating a Self-Signed Certificate #> openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt Signature ok subject=/C=AM/CN=na601.yerphi.am
Starting the apache server #> /usr/local/httpd-2.2.14/bin/apachectl start Apache/2.2.14 mod_ssl/2.2.14 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server www.example.com:443 (RSA) Enter pass phrase: //Type your private key password OK: Pass Phrase Dialog successful.
Testing the Secure communication Open the browser with following url: https://localhost
Making the secure communication between Server and Client with https protocol
Making the secure communication between Server and Client with https protocol
Making the secure communication between Server and Client with https protocol
And we see that: it works!
#> vi /usr/local/httpd-2.2.14/conf/httpd.conf Configuring Apache for enabling module rewrite and making some (b) directory of web site under https protocol 1. Edit the apache config file (/usr/local/httpd-2.2.14/conf/httpd.conf) 2. Add the following content, then save and Quit (ESC+:wq) RewriteEngine On #RewriteRule ^/a/(.*)$ /b/$1 [R] RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^/b/(.*)$ https://localhost/b/$1 [L,R]
Restarting the apache server, and trying to open any web page under b directory with http protocol #> /usr/local/httpd-2.2.14/bin/apachectl restart Apache/2.2.14 mod_ssl/2.2.14 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server www.example.com:443 (RSA) Enter pass phrase: //Type your private key password OK: Pass Phrase Dialog successful. When we try to open any web page under b directory with http protocol, it's rewrites into https protocol
Thank you

More Related Content

PDF
Aws amazon ec2
Sentinel Solutions Ltd
 
DOC
Modul quick debserver
Slamet Achwandy
 
PPTX
Hadoop presentation
MaggieZhang61
 
PPT
Apache Presentation
Ankush Jain
 
DOCX
Cent os 5 ssh
Alejandro Besne
 
PDF
Oracle on Solaris
Telkom Institute of Management
 
PDF
Manage Windows Like Linux via SSH using Ansible
Ompragash Viswanathan
 
TXT
Readme
Kineteco Inc.
 
Aws amazon ec2
Sentinel Solutions Ltd
 
Modul quick debserver
Slamet Achwandy
 
Hadoop presentation
MaggieZhang61
 
Apache Presentation
Ankush Jain
 
Cent os 5 ssh
Alejandro Besne
 
Oracle on Solaris
Telkom Institute of Management
 
Manage Windows Like Linux via SSH using Ansible
Ompragash Viswanathan
 
Readme
Kineteco Inc.
 

What's hot (20)

PPT
How To Deploy A Cloud Based Webserver in 5 minutes - LAMP
Matt Dunlap
 
TXT
Cluster setup multinode_aws
sparrowAnalytics.com
 
PDF
httpd — Apache Web Server
webhostingguy
 
PDF
Instalar MySQL CentOS
Moisés Elías Araya
 
PPS
Squidinstallation
Chirag Gupta
 
PDF
Aeon mike guide transparent ssl filtering
Conrad Cruz
 
PDF
Aeon mike guide transparent ssl filtering (1)
Conrad Cruz
 
ODP
LAMP security practices
Amit Kejriwal
 
PDF
MySql Restore Script
Hızlan ERPAK
 
PPTX
Hadoop presentation
MaggieZhang61
 
PDF
Apache2 BootCamp : Getting Started With Apache
Wildan Maulana
 
PPT
Presentation (PPT)
webhostingguy
 
PDF
Secure Your Wordpress
n|u - The Open Security Community
 
PPT
Apache installation and configurations
Nikhil Jain
 
PPTX
AWS 기반 Docker, Kubernetes
정빈 권
 
PDF
Config websocket on apache
baran19901990
 
PPTX
Install odoo v8 the easiest way on ubuntu debian
Francisco Servera
 
PPTX
Cluster Computing for $0.27/hr using Amazon EC2 and IPython Notebook
Randy Zwitch
 
PPTX
Cloudera amazon-ec2
Randy Zwitch
 
PPTX
บทที่ 3 การเขียนโปรแกรมติดต่อฐานข้อมูล
Priew Chakrit
 
How To Deploy A Cloud Based Webserver in 5 minutes - LAMP
Matt Dunlap
 
Cluster setup multinode_aws
sparrowAnalytics.com
 
httpd — Apache Web Server
webhostingguy
 
Instalar MySQL CentOS
Moisés Elías Araya
 
Squidinstallation
Chirag Gupta
 
Aeon mike guide transparent ssl filtering
Conrad Cruz
 
Aeon mike guide transparent ssl filtering (1)
Conrad Cruz
 
LAMP security practices
Amit Kejriwal
 
MySql Restore Script
Hızlan ERPAK
 
Hadoop presentation
MaggieZhang61
 
Apache2 BootCamp : Getting Started With Apache
Wildan Maulana
 
Presentation (PPT)
webhostingguy
 
Secure Your Wordpress
n|u - The Open Security Community
 
Apache installation and configurations
Nikhil Jain
 
AWS 기반 Docker, Kubernetes
정빈 권
 
Config websocket on apache
baran19901990
 
Install odoo v8 the easiest way on ubuntu debian
Francisco Servera
 
Cluster Computing for $0.27/hr using Amazon EC2 and IPython Notebook
Randy Zwitch
 
Cloudera amazon-ec2
Randy Zwitch
 
บทที่ 3 การเขียนโปรแกรมติดต่อฐานข้อมูล
Priew Chakrit
 
Ad

Similar to Making the secure communication between Server and Client with https protocol (20)

PDF
Configuration of Self Signed SSL Certificate For CentOS 8
Kaan Aslandağ
 
PPT
Rhel5
Yash Gulati
 
PDF
How To Install and Configure Apache SSL on CentOS 7
VCP Muthukrishna
 
PDF
Apache Httpd and TLS certificates validations
Jean-Frederic Clere
 
PPTX
SSL self signed deployment on Ubuntu 16.04
MH Qapandaran
 
PPTX
Random musings on SSL/TLS configuration
extremeunix
 
PDF
Apache Web Server
webhostingguy
 
PPT
How to Install SSL Certificate in Red Hat Linux Apache Web Server
AboutSSL
 
PDF
Apache web server tutorial for linux
Sahad Sali
 
PPTX
Secure socket layer
BU
 
PPT
Ost ssl lec
Kaustubh Joshi
 
PDF
NGiNX, VHOSTS & SSL (let's encrypt)
Marcel Cattaneo
 
PPT
Securing Your Webserver By Pradeep Sharma
OSSCube
 
PDF
SSL, X.509, HTTPS - How to configure your HTTPS server
hannob
 
PPT
apache.ppt
gowriganesh
 
KEY
Openssl
psychesnet Hsieh
 
PDF
TLS and Certificates
Karri Huhtanen
 
PDF
320.1-Cryptography
behrad eslamifar
 
PPT
APACHE 2 HTTPS.ppt
webhostingguy
 
PDF
Sử dụng TLS đúng cách - Phạm Tùng Dương
Security Bootcamp
 
Configuration of Self Signed SSL Certificate For CentOS 8
Kaan Aslandağ
 
Rhel5
Yash Gulati
 
How To Install and Configure Apache SSL on CentOS 7
VCP Muthukrishna
 
Apache Httpd and TLS certificates validations
Jean-Frederic Clere
 
SSL self signed deployment on Ubuntu 16.04
MH Qapandaran
 
Random musings on SSL/TLS configuration
extremeunix
 
Apache Web Server
webhostingguy
 
How to Install SSL Certificate in Red Hat Linux Apache Web Server
AboutSSL
 
Apache web server tutorial for linux
Sahad Sali
 
Secure socket layer
BU
 
Ost ssl lec
Kaustubh Joshi
 
NGiNX, VHOSTS & SSL (let's encrypt)
Marcel Cattaneo
 
Securing Your Webserver By Pradeep Sharma
OSSCube
 
SSL, X.509, HTTPS - How to configure your HTTPS server
hannob
 
apache.ppt
gowriganesh
 
Openssl
psychesnet Hsieh
 
TLS and Certificates
Karri Huhtanen
 
320.1-Cryptography
behrad eslamifar
 
APACHE 2 HTTPS.ppt
webhostingguy
 
Sử dụng TLS đúng cách - Phạm Tùng Dương
Security Bootcamp
 
Ad

Recently uploaded (20)

PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
KodekX | Application Modernization Development
KodekX
 
Approach and Philosophy of On baking technology
30anthuong17
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 

Making the secure communication between Server and Client with https protocol

  • 1. Making the secure communicationMaking the secure communication between Server and Client withbetween Server and Client with https protocolhttps protocol Armenian e-Science Foundation (ArmeSFo) 49 Komitas Ave, 0051 Yerevan Armenia http://www.escience.am/ Armenuhi Abramyan, Hayk Haroyan {armabram, hharoyan}@mail.yerphi.am
  • 2. Content 1.1. Secure Socket Layer (SSL)Secure Socket Layer (SSL) 2.2. How SSL worksHow SSL works 3.3. Installing theInstalling the Apache 2.2.14Apache 2.2.14 server withserver with sslssl andand rewriterewrite modulesmodules 4. Configuring Apache for enabling module ssl 5.5. Creating the private key and self-signed certificate for serverCreating the private key and self-signed certificate for server 6.6. Starting the apache serverStarting the apache server 7. Testing the secure communication 8. Configuring Apache for enabling module rewrite and making some (b) directory of web site under https protocol 9. Restarting the apache server, and trying to open any web page under b directory with http protocol
  • 3. SSL is the transaction security protocol used by websites to protect online communications. The most common use of SSL is to provide protection for confidential data, such as personal details or credit card information, entered into a website. Secure Socket Layer (SSL)Secure Socket Layer (SSL)
  • 5. Installing the Apache 2.2.14 server with ssl and rewrite modulesInstalling the Apache 2.2.14 server with ssl and rewrite modules $> tar -xvzf httpd-2.2.14.tar.gz $> ./configure --prefix=/usr/local/httpd-2.2.14 --enable-modules='rewrite ssl‘ $> make #> make install 1. Download the latest version of Apache server from www.apache.org 2. Install the Apache server by using the following commands:
  • 6. #> vi /usr/local/httpd-2.2.14/conf/httpd.conf Configuring Apache for enabling module ssl 1. Edit the apache config file (/usr/local/httpd-2.2.14/conf/httpd.conf) # Secure (SSL/TLS) connections Include conf/extra/httpd-ssl.conf 2. Uncomment the line of including the ssl config file then save and Quit (ESC+:wq) #> cd /usr/local/httpd-2.2.14/conf/ #> vi extra/httpd-ssl.conf 3. Edit the ssl config file (/usr/local/httpd-2.2.14/conf/extra/httpd-ssl.conf) Listen 443 SSLCertificateFile "/usr/local/httpd-2.2.14/conf/server.crt" SSLCertificateKeyFile "/usr/local/httpd-2.2.14/conf/server.key"
  • 7. Step 1: Generate a Private Key #> openssl genrsa -des3 -out server.key 1024 Enter PEM pass phrase: //Type your password Verifying password - Enter PEM pass phrase: //Retype your password Note: Use the following command to remove the pass-phrase from the key #> cp server.key server.key.withpass #> openssl rsa -in server.key.withpass -out server.key
  • 8. Step 2: Generate a CSR (Certificate Signing Request) #> openssl req -new -key server.key -out server.csr Enter pass phrase for server.key: //Type your private key password Country Name (2 letter code) [GB]:AM State or Province Name (full name) [Berkshire]: . Locality Name (eg, city) [Newbury]: . Organization Name (eg, company) [My Company Ltd]: . Organizational Unit Name (eg, section) []: . Common Name (eg, your name or your server's hostname) []: na601.yerphi.am Email Address []: //Press Enter Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: //Press Enter An optional company name []: //Press Enter
  • 9. Step 3: Generating a Self-Signed Certificate #> openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt Signature ok subject=/C=AM/CN=na601.yerphi.am
  • 10. Starting the apache server #> /usr/local/httpd-2.2.14/bin/apachectl start Apache/2.2.14 mod_ssl/2.2.14 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server www.example.com:443 (RSA) Enter pass phrase: //Type your private key password OK: Pass Phrase Dialog successful.
  • 11. Testing the Secure communication Open the browser with following url: https://localhost
  • 15. And we see that: it works!
  • 16. #> vi /usr/local/httpd-2.2.14/conf/httpd.conf Configuring Apache for enabling module rewrite and making some (b) directory of web site under https protocol 1. Edit the apache config file (/usr/local/httpd-2.2.14/conf/httpd.conf) 2. Add the following content, then save and Quit (ESC+:wq) RewriteEngine On #RewriteRule ^/a/(.*)$ /b/$1 [R] RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^/b/(.*)$ https://localhost/b/$1 [L,R]
  • 17. Restarting the apache server, and trying to open any web page under b directory with http protocol #> /usr/local/httpd-2.2.14/bin/apachectl restart Apache/2.2.14 mod_ssl/2.2.14 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server www.example.com:443 (RSA) Enter pass phrase: //Type your private key password OK: Pass Phrase Dialog successful. When we try to open any web page under b directory with http protocol, it's rewrites into https protocol