SSL Implementation

12/19/2019 - 7:53 AM

<VirtualHost *:443>
 ServerAdmin XX.ptpp.co.id
 ServerName XX.ptpp.co.id
 ServerAlias XX.ptpp.co.id
 DocumentRoot /var/www/html/XX
 ErrorLog /var/www/html/XX/logs/error.log
 CustomLog /var/www/html/XX/logs/access.log combined
 SSLEngine on
 SSLProtocol All -SSLv2 -SSLv3
 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHEECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:
ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSAAES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSSAES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:
AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DESCBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
 SSLHonorCipherOrder on
 SSLCertificateFile /etc/httpd/conf/ssl/ptpp.co.id.crt
 SSLCertificateKeyFile /etc/httpd/conf/ssl/ptpp.co.id.key
 SSLCACertificateFile /etc/httpd/conf/ssl/sectigo_ca.crt
</VirtualHost>

.htaccess

# Rewrite HTTP into HTTPS
 RewriteEngine On
 RewriteCond %{HTTPS} !=on
 RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

symlink.sh

sudo ln -s /etc/apache2/sites-available/example.com.conf /etc/apache2/sites-enabled/

test.sh

sudo apachectl configtest

sudo systemctl restart apache2

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

SSL Implementation