Setup TSL (HTTPS) For Website

Assume we are using Apache 2.4.

  1. Go to ./conf
  2. In httpd.conf, enable mod_ssl, and Include conf/extra/httpd-ssl.conf
    LoadModule ssl_module modules/mod_ssl.so
    
    # Secure (SSL/TLS) connections
    Include conf/extra/httpd-ssl.conf
  3. Open conf/extra/httpd-ssl.conf
  4. Listen 443
  5. and setup the DocumentRoot and some basic info, log and SSL cert files.
    Listen 443
    <VirtualHost _default_:443>
    
    DocumentRoot "d:/Apache24/htdocs"
    ServerName www.example.com:443
    ServerAdmin [email protected]
    ErrorLog "d:/Apache24/logs/error.log"
    TransferLog "d:/Apache24/logs/access.log"
    
    SSLEngine on
    
    SSLCertificateFile "d:/Apache24/conf/www_example_com.crt"
    SSLCertificateKeyFile "d:/Apache24/conf/www_example_com.key"
    SSLCACertificateFile "d:/Apache24/conf/root_ca.crt"
    
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory "d:/Apache24/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>
    
    BrowserMatch "MSIE [2-5]" \
             nokeepalive ssl-unclean-shutdown \
             downgrade-1.0 force-response-1.0
    
    CustomLog "d:/Apache24/logs/ssl_request.log" \
              "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    
    </VirtualHost>                                  

Here, we assume our site is www.example.com, and using port 443(default port) for HTTPS. We installed apache on d:\apache24, and the DocumentRoot would be d:/Apache24/htdocs. The cert files can be buy from some cert company or get it free from https://letsencrypt.org/.