★FreeSSL の申込
https://products.geotrust.com/orders/freessl.do?ref=freessl&change_lang=9
★★電話認証があり、+17732430381より着信!
% openssl genrsa -des3 -out domainname.key 2048.
% openssl req -new -key domainname.key -out domainname.csr
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Tokyo
Locality Name (eg, city) []:Minato-ku
Organization Name (eg, company) [Internet Widgits Pty Ltd]: ****
Organizational Unit Name (eg, section) []: (空白)
Common Name (eg, YOUR name) []: ****
Email Address []: ****
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []: (空白)
An optional company name []: (空白)
% sudo a2enmod ssl
% sudo a2enmod rewrite
-> Sなしの場合、Sありへリダイレクトするため
<VirtualHost *:443>
ServerName xxx.xxx.xxx.xxx
ServerAlias xxx.xxx.xxx.xxx
DocumentRoot /********
<Directory /********>
・・・・
</Directory>
・・・・
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*)?$ https://%{HTTP_HOST}/$1 [L,R]
SSLEngine on
SSLCertificateFile /etc/apache2/************.crt # メールで送られてきたやつ
SSLCertificateKeyFile /etc/apache2/************.key # CSR作成時にできたやつ
SSLCACertificateFile /etc/apache2/************.crt # サイトからダウンロードしたやつ
・・・・
</VirtualHost>
$ sudo /etc/init.d/apache2 restart
* Restarting web server apache2
Apache/2.2.14 mod_ssl/2.2.14 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server *********:443 (RSA)
Enter pass phrase:
OK: Pass Phrase Dialog successful.
…done.