Running DAB Appliances in SSL Mode
This is an example using the Joomla! OpenVZ template
make-ssl-cert command is found in the ssl-cert package which comes installed by default in the Joomla template here.
Although we can use the pre-created SSL certificate for the Snake Oil Company available at /etc/ssl/certs and /etc/ssl/private folders, it is advisable for the sake of uniqueness of each install, to regenerate them thus:
make-ssl-cert generate-default-snakeoil --force-overwrite
In order to run Joomla in SSL mode (HTTPS), we need to upload a file (say, named ssl which is a subset of the file at /etc/apache2/sites-available/default-ssl) with the following contents atleast:
<IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost DocumentRoot /var/www/joomla/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/joomla/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ErrorLog /var/log/apache2/error.log LogLevel warn CustomLog /var/log/apache2/ssl_access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost> </IfModule>
Then we need to execute the following:
a2enmod ssl a2ensite ssl /etc/init.d/apache2 reload
Now we can browse to https://youripaddress to view the site in SSL mode.