Computer and IT knowledge - things to know
Rocky Linux 9 some basics
- see hostname: hostnamectl
- change hostname: hostnamectl set-hostname new-hostname
- see all installed packages: dnf list (or rpm -qa)
- see repositories: dnf repolist
##############################
# apache with ssl:
##############################
a)with certbot: https://www.linuxteck.com/secure-apache-with-ssl-in-rocky-linux/
b)without certbot:
- install apache basic: dnf install httpd
- install apache security module: dnf install mod_ssl
- check apache version: httpd -v
- httpd service - start and enable:
-- systemctrl start httpd
-- systemctrl enable httpd
-- systemctrl status httpd
- firewall things to consider
-- firewall-cmd --list-all
-- firewall-cmd --permanent --add-port=80/tcp
-- firewall-cmd --permanent --add-port=443/tcp
-- firewall-cmd --reload
- check webpage, port 80 + 443 should work
http://your-ip/
https://your-ip/
-----------------------------------------------------------
generate own selfsigned certificate, with 3650 days expiry:
-----------------------------------------------------------
- openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/httpd.key -x509 -days 3650 -out /etc/pki/tls/certs/httpd.crt
- make changes to file: /etc/httpd/conf.d/ssl.conf
-- change: SSLCertificateFile /etc/pki/tls/certs/localhost.crt >> to: SSLCertificateFile /etc/pki/tls/certs/httpd.crt
-- SSLCertificateKeyFile /etc/pki/tls/private/localhost.key >> to: SSLCertificateKeyFile /etc/pki/tls/private/httpd.key
- reload apache: systemctl reload httpd
----------------------------------------------
Redirect All HTTP Traffic To HTTPS
----------------------------------------------
new file: /etc/httpd/conf.d/redirect_http.conf
with content:
<VirtualHost _default_:80>
Servername rocky9
Redirect permanent / https://your-server-hostname/
</VirtualHost/>
and reload apache: systemctl reload httpd
- see also:
- https://www.linuxteck.com/how-to-install-apache-on-rocky-linux/ computer2know :: thank you for your visit :: have a nice day :: © 2024