Installing apache and SSL in Debian 12
Step 1 — Installing Apache
Apache is available within Debian 12 default software repositories, which means you can install it with the apt
package manager.
apt install apache2 firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-service=https firewall-cmd --reload
Step 2 — Checking your Web Server
systemctl enable apache2 systemctl start apache2 systemctl status apache2
Step 3 — Disabling default web server
a2dissite 000-default.conf
Step 4 — Setting Up Virtual Hosts
Add in the following configuration block, and change the your_domain domain to your domain name: nano /etc/apache2/sites-available/app.example.com.conf
<VirtualHost *:80> ServerAdmin email@app.example.com ServerName app.example.com ServerAlias app.example.com DocumentRoot /var/www/app.example.com DirectoryIndex index.php index.html ErrorLog ${APACHE_LOG_DIR}/app.example.com-error.log CustomLog ${APACHE_LOG_DIR}/app.example.com-access.log combined </VirtualHost>
and restart httpd
service
apache2ctl configtest a2ensite app.example.com.conf mkdir /var/www/app.example.com chown -R www:www /var/www/app.example.com chmod -R 755 /var/www/app.example.com systemctl restart apache2
You can test this by navigating to http://app.example.com
, where you should see default apache page
Step 5 — Installing the Certbot Let’s Encrypt Client
To use Let’s Encrypt to obtain an SSL certificate, you first need to install Certbot and mod_ssl
, an Apache module that provides support for SSL v3 encryption.
apt update apt install certbot python3-certbot-apache
Step 5 — Obtaining a Certificate
certbot --apache -d app.example.com
The program will present you with a step-by-step guide to customize your certificate options. It will ask you to provide an email address for lost key recovery and notices, and then prompt you to agree to the terms of service. If you did not specify your domains on the command line, you will be prompted for that as well. If your Virtual Host files do not specify the domain they serve explicitly using the ServerName
directive, you will be asked to choose the virtual host file. In most cases, the default ssl.conf
file will work.
You will also be able to choose between enabling both http
and https
access or forcing all requests to redirect to https
. For better security, it is recommended to choose the option 2: Redirect
if you do not have any special need to allow unencrypted connections. Select your choice then hit ENTER
.
You can test this by navigating to https://app.example.com
, where you should see default apache page
Howdy, Stranger!
Categories
- 93 All Categories
- 20 VoIP
- 7 SIP
- 16 asterisk
- 43 Programming
- 1 Nodejs
- 4 javascript
- 19 PHP
- 8 Codeigniter
- 13 database
- 1 UI/UX
- 2 Flutter
- 28 OS
- 26 Linux
- 1 Virtualization
- 1 Android
- 1 Windows
- 2 legal