SSL config on Apache

Question

I have a basic understanding on both apache2 and ssl and yes let's throw zabbix, the project that I'm working on, so please forgive me.

What I'm trying to do is, enable https instead of the usual http access on the zabbix monitoring software.

Zabbix appliance is running on opensuse 12.2 and apache 2.2.22.

I came across this blogpost: http://beeznest.wordpress.com/2008/04/25/how-to-configure-https-on-apache-2/ I had some luck on creating self-signed certificates using: openssl req -new -x509 -days 365 -keyout key/vhost1.key -out crt/vhost1.crt -nodes -subj ‘/O=A/OU=B/CN=C’

Now the trouble comes in when I was trying to change the virtual host config. What bothers me more is that there seem to 3 conf and I'm confused on which to change. 1. ssl-global 2. vhost-ssl.template 3. default-vhost-ssl.conf

May I ask what is the difference on the 3 config, and which one to edit for my task. Hope someone out there could answer my query or could point me to the right direction on how to do: SSL on apache2 using opensuse12.2

Thank you.

Regards, Jem

Answer 1

From your update it would appear that you should copy the #2 SSL Template and name it something like example.com.conf

However, I would recommend another alternative and it's something I do. I name all my configurations such as example.com80.conf / example.com443.conf.

Then in my httpd-vhosts.conf file I add the following at the bottom:

# Include vhosts
IncludeOptional conf/sites-enabled/*80.conf

I do the same in my httpd-ssl.conf

# Include vhosts
IncludeOptional conf/sites-enabled/*443.conf

This way I not only keep my httpd.conf and other files clean of random VirtualHosts but I also can remove configurations simply by deleting the configuration file and restarting apache. It also makes it easier to identify a specific VirtualHost to make changes to if required.