Programster's Blog

Tutorials focusing on Linux, programming, and open-source

Example Apache SSL Config

Below is an example config file for when you are deploying a website at www.mydomin.com. It will also capture users who go directly to mydomain.com without the www. Please note that this requires two sets of ssl certificates, unless you have wildcard ones.

On Ubuntu 16.04 the file will be located at /etc/apache2/sites-available/default-ssl.conf and enabled by running a2ensite default-ssl.conf (after which it will also be symlinked to from the sites-enabled folder). Also, don't forget to enable ssl with sudo a2enmod ssl.

# www.mydomain.com
<VirtualHost *:443>
    ServerName www.mydomain.com

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/www.mydomain.com/cert.pem
    SSLCertificateKeyFile /etc/apache2/ssl/www.mydomain.com/private.pem
    SSLCertificateChainFile /etc/apache2/ssl/www.mydomain.com/chain.pem

    ServerAdmin webmaster@localhost

    DocumentRoot /var/www/my-site/public_html
    <Directory /var/www/my-site/public_html/>
        Options Indexes FollowSymLinks
        AllowOverride All
        Order allow,deny
        allow from all
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

# capture users going to mydomain.com without the www.
<VirtualHost *:443>
    ServerName mydomain.com

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/mydomain.com/cert.pem
    SSLCertificateKeyFile /etc/apache2/ssl/mydomain.com/private.pem
    SSLCertificateChainFile /etc/apache2/ssl/mydomain.com/chain.pem

    ServerAdmin webmaster@localhost

    DocumentRoot /var/www/my-site/public_html
    <Directory /var/www/my-site/public_html/>
        Options Indexes FollowSymLinks
        AllowOverride All
        Order allow,deny
        allow from all
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Don't forget to test with apache2ctl configtest