Hello there I'm trying to setup SSL on my server. Here is the info that I seen on their site on how to setup it. To configure a default SSL/TLS aware virtual server, you should add at least the following lines to your httpd.conf or ssl.conf file: LoadModule ssl_module modules/mod_ssl.so Listen 443 <VirtualHost _default_:443> DocumentRoot /home/httpd/private ErrorLog /usr/local/apache/logs/error_log TransferLog /usr/local/apache/logs/access_log SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM SSLCertificateFile /usr/local/apache/conf/ssl.crt SSLCertificateKeyFile /usr/local/apache/conf/ssl.key SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem SSLCACertificateFile /usr/local/apache/conf/ca.pem SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown CustomLog /usr/local/apache/logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> Would I just add this to my httpd.conf at the moment it's just empty but I'm not sure if that would be the right place to put it or not. Thanks for any help.
Do you use ispconfig? If yes, then ssl is configured trough ispconfig, dont add the above to your httpd.conf then! Just enable ssl in the website and create the ssl cert in ispconfig. No need to insert any code in the config file.
Would that work to make it a certified ssl certificate? I want my users to be able to just go to our site without firefox or IE to tell them it's not a trusted site or anything like that.
Yes. Create a self signed ssl cert in ispconfig. ISPconfig creates then a csr for you that can be signed by a ssl authority. Then you get a signed ssl cert back that you can store in the ssl cert field in ispconfig. The steps are explained in detail in the ispconfig manual too.
