Setting up SSL connections on Apache 2
Safe Service
An attacker who captures the credentials for a blog can both spy on the user and break into the blog. By breaking into the blog, that attacker has actually broken into the web server. As an administrator, you should take all possible steps to secure sensitive areas of a website. Transport Layer Security (TLS) lets the web server and browser conduct their communication over an encrypted connection. TLS is a later version of Secure Sockets Layer (SSL), and this kind of connection is often still called an SSL connection. The box titled "Tap-Proof" shows how to set up an encrypted connection.
Tap-Proof
TLS and SSL are cryptographic network protocols. (Actually, they are collections of several protocols.) TLS encrypts the data provided by the browser and then sends the data to a web server via TCP (see Figure 1). SSL can thus encrypt not only HTTP traffic, but also the data of other application protocols such as FTP. In addition to data encryption, TLS also enables authentication and integrity control. A browser can therefore be sure that it is talking via an SSL connection to the correct server, that nobody can read the information that is sent, and that the data will reach the other end unchanged. The two parties can choose to limit the algorithms used. Data encryption is always handled by a symmetrical process, wherein a shared key is used for both encryption and decryption. The secret exchange of this key is guaranteed by a key exchange procedure (e.g., Diffie-Hellman [1]).
By setting the prefix to https:// in the URL, the user of a browser indicates the desire to use an encrypted connection. The process of opening the SSL connection is called the SSL handshake. The client first sends a request to the server (the client hello ). This request includes, among other things, the required SSL version, the preferred key exchange algorithms, the actual encryption, authentication, and the integrity check. This combination of algorithms is known as a cipher suite.
In its reply (server hello ), the server tells the client which algorithms it has decided to use and sends an X.509 certificate [2] with the reply. The client can now determine whether the web server is actually the one it wants to communicate with.
Finally, the client and server negotiate a shared session key. With this session key, both parties then encrypt all further communication. The session key is valid only for the current session, which makes hijacking more difficult.
The first version of the Secure Sockets Layer goes way back to Netscape, which introduced the technique with the Navigator web browser back in 1995. After the third version, the Internet Engineering Task Force (IETF) took over the development, promoting the method to a standard and renaming it Transport Layer Security (TLS).
The Apache web server module mod_ssl
takes care of encryption via SSL and TLS. mod_ssl
has been included in the package since Apache version 2, and it relies on the OpenSSL package [3]. The OpenSSL libraries implement the SSL protocol, thus performing the actual encryption. OpenSSL is included with most Linux distributions out of the box. Windows users should go for the Apache binary package with built-in OpenSSL. The file is named -openssl
and can be found on the Apache Foundation download page [4] in Other files
, below the binaries/win32
directories. In CentOS 6.4, the mod_ssl
module is not part of the Apache2 package; you have to install the mod_ssl
package explicitly.
Face Check
So that browsers know who is at the other end of an encrypted connection, the web server sends a certificate. Administrators can quickly create a certificate using the openssl
command-line utility from the OpenSSL package. Windows users of the Apache binary package can find it in the bin
directory of their Apache installations. Certificates are based on asymmetric cryptography (public key cryptography), in which each party has two keys. To create a certificate, you must first generate a private key for the server:
openssl genrsa -aes256 -out privaterschluessel.pem 2048
The key length is 2048 bits in this case. For security reasons, the command encrypts the key using the AES256 method, which is why you need to enter a passphrase (i.e., a longer password). Armed with the private key and the passphrase, you can then generate a certificate:
openssl req -new -x509 -days 365 -key privatekey.pem -out certificate.pem
On Windows, you must explicitly reference the OpenSSL configuration file:
openssl req -config ..\conf\openssl.cnf -new -x509 -days 365 -key privatekey.pem -out certificate.pem
In any case, the command creates a new certificate (-new
), whose structure follows the X.509 standard (-X509
), is valid for 365 days, and ends up in the certificate.pem
file. After calling the command, you are asked many questions. Even if you say yes to all the defaults by pressing the Enter key, be sure to specify the domain name under which the secured HTTPS pages are accessible when prompted for the Common Name
. Otherwise, browsers will later refuse the connection. If the website is https://login.example.com
, the answer to the Common Name prompt is login.example.com
(Figure 2). Keep the certificate, the private key, and the passphrase somewhere safe; better yet, memorize the passphrase.
Fide Sed Cui Vide
A self-signed certificate has the disadvantage that browsers initially consider it unsafe – after all, anyone could issue such a certificate. The user must explicitly classify it as correct and reliable on first access to the server. On a public web server, it is a good idea to have the certificate signed by a certificate authority. Several commercial providers act as certificate authorities, the best-known being Verisign Security (now owned by Symantec [5]). Browsers already include signatures from this certificate authority and accept any certificate signed or issued by it. If the CA wants a certificate request, you can create it with the following command:
openssl req -new -key privatekey.pem -out request.csr
You then submit the request in the request.csr
file to a certificate authority. On a corporate network, you could alternatively add your own certificates to browsers up front or even run your own certification authority.
In any case, you now have a file with the certificate and the private key. The duo are best kept in a separate subdirectory with the other configuration files. On Linux systems, configuration files are typically found in /etc/apache2
or /etc/httpd
, and on Windows they are typically in conf
below the Apache
directory. Create an ssl
subdirectory and copy the certificate and the private key to it:
mkdir -p /etc/apache2/ssl cp *.pem /etc/apache2/ssl
Normally, these commands will require root privileges.
Components
The Apache mod_ssl
module takes care of encrypted SSL connections. Many, but not all, Linux distributions enable it by default. The Apache server loads mod_ssl
if the following line appears somewhere in its configuration files:
LoadModule ssl_module modules/mod_ssl.so
Usually, it is found in the central httpd.conf
; CentOS stores the line in /etc/httpd/conf.d/ssl.conf
. If you use the default configuration files, you only need to remove the hash mark from the line. Alternatively, some Linux distributions, including Debian, Ubuntu, and openSUSE, come with a script named a2enmod
to enable dynamically loadable Apache modules. The root user thus enables mod_ssl
as follows:
a2enmod ssl
On openSUSE, you additionally need the a2enflag SSL
command. If the script a2enmod
is available, you should use it. The distributions then usually rely on several configuration files, some of which are automatically generated. Debian uses symbolic links to enable and disable individual modules.
Requests via HTTPS normally arrive on port 443. To ensure that Apache listens on that port, you have to add the following section to the configuration:
<IfModule mod_ssl.c> Listen 443 </IfModule>
Which configuration file this section belongs in depends on the Apache installation. On Debian-based systems, it is already in the /etc/apache2/ports.conf
file; openSUSE 12.3 uses /etc/apache2/listen.conf
, and on CentOS it's in /etc/httpd/conf.d/ssl.conf
. If necessary, remove the hash signs (#
) that comment out the section. If you use the default configuration file, like the one included with the Apache Windows binary package, you only need to uncomment this line in httpd.conf
:
#Include conf/extra/httpd-ssl.conf
This line tells Apache to parse httpd-ssl.conf
in the extra
subdirectory for the required section.