Apache SSL – For Secure online transactions

Posted on October 24, 2008

If you are planning to start an e-commerce website, you must know about SSL; without it no one will trust your website as a safe place to use their cards.

What is SSL?

SSL (Secure Sockets Layer) is a protocol used for secure data transfer. This is done by using private keys and certificates. The data you are sending is encrypted, and the server can decrypt it only with the private key it holds. A certificate is used to authenticate yourself before proceeding.

So we need two things to make our website secure for online transactions. In this article I will explain how to generate a private key with OpenSSL for use with Apache, how to generate a certificate request for a CA (Certificate Authority), and how to configure your server to respond to SSL requests.

We use Apache 2, Debian Linux and OpenSSL for this article.

First step is to install Apache:

Go to console mode

aptitude install apache2

Next, install OpenSSL to generate keys and certificates or certificate requests:

aptitude install openssl

Next, generate a certificate request and key using OpenSSL:

openssl req -new -nodes -keyout myserver.key -out myserver.csr

Here you need to fill in some details such as country code, state, city and company name. The most important one is the common name: it must be the same as your website name (suppose your website is www.sourcebits.com, then the common name must be sourcebits.com).

This will generate two files in your directory: one is a private key file (myserver.key) and the other is a certificate request file (myserver.csr).

Now you need to get a certificate from a certificate vendor; the most popular vendors are VeriSign and Comodo.
Comodo provides a free trial certificate which is valid for 3 months. (Comodo Free Trial)
After getting the certificate, enable the SSL module in Apache and configure it:

a2enmod ssl
vi /etc/apache2/sites-available/default

# HTTPS virtual host, answering on port 443
<VirtualHost *:443>
    ServerName policeagenda
    DocumentRoot /var/www/
    SSLEngine On
    # Certificate issued by the CA
    SSLCertificateFile /etc/apache2/ssl/sourcebits.cert
    # Private key generated together with the certificate request
    SSLCertificateKeyFile /etc/apache2/ssl/sourcebits.key

    <Directory />
        Options Indexes FollowSymLinks
        AllowOverride All
        Order deny,allow
        Allow from all
    </Directory>
</VirtualHost>

Then restart your server:

/etc/init.d/apache2 restart

We all know that a default HTTP request is sent to port 80; in the same way, a default HTTPS request is sent to port 443, so we are configuring the server for port 443.

You are done. Now access your website at https://myserver.com

If you face any problems, check these things first:

Whether the server is listening on port 443 or not. To find out, type:

lsof -i tcp:443

Next, check whether your port 443 is forwarded or not. If you face any problems other than these, please post a comment and we will try to solve it.
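
One more check worth running, as an added example that is not part of the original post: it confirms that the private key is readable only by its owner (it was generated with -nodes, so it is stored unencrypted) and that it really belongs to the certificate or certificate request it is paired with. The function names are made up for this example; pass it the files named in SSLCertificateKeyFile and SSLCertificateFile.

```shell
#!/bin/sh
# Added example (not from the original post): pre-flight check for the files
# named in SSLCertificateKeyFile / SSLCertificateFile. Function names are
# hypothetical. Assumes GNU stat (Debian) and an unencrypted key (-nodes).

# Print the PEM public key contained in a key, certificate or CSR.
pubkey_of() {
    case "$1" in
        key)  openssl pkey -in "$2" -pubout 2>/dev/null ;;
        cert) openssl x509 -in "$2" -noout -pubkey 2>/dev/null ;;
        csr)  openssl req  -in "$2" -noout -pubkey 2>/dev/null ;;
        *)    return 2 ;;
    esac
}

# Succeed only if group and other have no permission bits on the file.
key_is_private() {
    mode=$(stat -c %a "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# check_tls_pair KEY FILE [cert|csr]
# Returns 0 = OK, 2 = unreadable file, 3 = key permissions too open,
#         4 = file could not be parsed, 5 = key does not match FILE.
check_tls_pair() {
    key=$1 file=$2 kind=${3:-cert}
    if [ ! -r "$key" ] || [ ! -r "$file" ]; then
        echo "FAIL: cannot read $key or $file" >&2; return 2
    fi
    if ! key_is_private "$key"; then
        echo "FAIL: $key is accessible to group/other (chmod 600 it)" >&2; return 3
    fi
    kpub=$(pubkey_of key "$key")      || { echo "FAIL: bad key $key" >&2; return 4; }
    fpub=$(pubkey_of "$kind" "$file") || { echo "FAIL: bad $kind $file" >&2; return 4; }
    if [ "$kpub" != "$fpub" ]; then
        echo "FAIL: $key does not belong to $file" >&2; return 5
    fi
    echo "OK: $key matches $file"
}

# Example: check_tls_pair myserver.key myserver.csr csr
```

A mismatch here means Apache was given a certificate issued for a different key, which is worth ruling out before looking at ports.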
