Configuring Apache Server In CentOS 7

S. Sharad

The Apache HTTP Server is powerful open-source HTTP server for modern operating systems including UNIX and Windows.

The Apache HTTP Server (“httpd”) was launched in 1995.

The Apache HTTP Server is a project of The Apache Software Foundation.

Below are the steps to install and configure the Apache Web Server (httpd).

Step 1 : 

Apache Server works on Port 80 (http) & 443 (https). So check activity on these ports.

# lsof -i :80
# lsof -i :443

If there is no activity then you need to install Apache Server as below.

# yum install httpd -y

Make sure the enable this to start at boot time.

# systemctl enable httpd.service 
# systemctl start httpd.service

Now repeat the lsof command given above. You can notice activity on Port 80 but no activity on Port 443. You need to configure SSL for this.

Step 2 : 

By default Apache Server maintains following paths.

Configuration Files :

/etc/httpd
/etc/httpd/conf/httpd.conf

Web Folder :

/var/www/html

Logs Folder :

/var/log/httpd/
/var/log/httpd/access_log
/var/log/httpd/error_log

The default configuration is enough for website based on hostname or IP address. You can check the same using browser as below. Type following in address bar of browser.

http://station1.example.com
http://127.0.0.1
http://<ip of nic>

You will get Test Page of Apache Server as below.

Step – 3 :

Add Local Self-Signed SSL Certificate for Apache.

■  Install mod_ssl as below.

# yum install mod_ssl -y

This will add file /etc/httpd/conf.d/ssl.conf

■  Now create following folder for storing certificate.

# mkdir -p /etc/ssl/private

■  Now create local SSL Certificate and Key.

# openssl req -x509 -nodes -newkey rsa:2048 -keyout station1.example.com.key -out station1.example.com.crt

This command will ask some basic information. Just provide the same and create certificate.

Where,

req -x509 – This indicates that we are using the x509 Certificate Signing Request (CSR).

-nodes – This option instructs OpenSSL to skip encrypting the SSL certificate using a passphrase.

-newkey rsa:2048 – This indicates that we want to simultaneously create a new key and a new certificate. The rsa:2048 portion implies that we want to create a 2048-bit RSA key.

-keyout – This option specifies where to store the generated private key file upon creation.

-out – The option specifies where to place the created SSL certificate.

Step 4 :

Now edit /etc/httpd/conf.d/ssl.conf add following content at the end of file.

<VirtualHost *:443>
           DocumentRoot /var/www/html
           ServerName station1.example.com
           ServerAlias www.station1.example.com
           ServerAdmin admin@example.com

           SSLEngine on
           SSLCertificateFile /etc/ssl/private/station1.example.com.crt
           SSLCertificateKeyFile /etc/ssl/private/station1.example.com.key
</VirtualHost>

Save the file and restart Apache Server as below.

# systemctl restart httpd.service

Check activity on Port 443.

# lsof -i: 443

If everything OK, then test this using browser as below.

# elinks https://station1.example.com
# curl https://station1.example.com

You may get error that this certificate in not valid. This is locally created certificate so you are getting this error. If you replace this by certificates provided by some CA then there will not be any such error.