Geek asks and answers

Install SSL COMODO EV Certificate on EC2 Ubuntu Instance

Thanks in advance for your help.

This is my first HTTPS setup, and I received a certificate from Comodo, but I don’t know what to do with it. The certificate came in a ZIP file with these files inside:

Root CA Certificate - AddTrustExternalCARoot.crt
Intermediate CA Certificate - COMODOAddTrustServerCA.crt
Intermediate CA Certificate - COMODOExtendedValidationSecureServerCA.crt
Your COMODO EV SSL Certificate - forum_linma_com.crt

I also have a text format. How to configure it so that my node.js application is accessible via HTTPS? The application runs on an EC2 instance with Ubuntu 13.10, and I use SSH to access the server.

Follow up question

So, I still get the error message. Here is the relevant information:

Content /etc/apache2/sites-enabled/forumHTTPSconfig(single file in permitted sites):

<VirtualHost *:443>
   ServerName forum.figma.com
   SSLEnable
   SSLEngine on
   SSLCertificateFile /etc/apache2/forum_figma_com.crt
   SSLCertificateKeyFile /home/ubuntu/.ssh/myserver.key
   SSLCACertificateFile /etc/apache2/combined-ca.crt
</VirtualHost>

<IfModule mod_proxy.c>
    <Proxy *>
      SSLProxyEngine on
      Order deny,allow
      Allow from all
    </Proxy>

    RewriteEngine on

    ProxyPass / https://127.0.0.1:3000
    ProxyPassReverse /http://127.0.0.1:3000
</IfModule>

Here is the output of my attempts to call a2enmod:

ubuntu@ip-10-190-91-217:/etc/apache2/sites-enabled$ sudo a2enmod forumHTTPSconfig
ERROR: Module forumHTTPSconfig does not exist!
ubuntu@ip-10-190-91-217:/etc/apache2/sites-enabled$ sudo a2enmod mywebsite
ERROR: Module mywebsite does not exist!

Any idea what goes wrong? Thanks in advance for your help!

+3
source share
2

-, , key , . .

Nginx

:

Root CA Certificate - AddTrustExternalCARoot.crt
Intermediate CA Certificate - COMODOAddTrustServerCA.crt
Intermediate CA Certificate - COMODOExtendedValidationSecureServerCA.crt
Your COMODO EV SSL Certificate - forum_linma_com.crt

forum_linma_com.crt

:

server {
    listen       443;
    server_name  yourdomain.com;

    ssl                  on;
    ssl_certificate      /path/to/forum_linma_com.crt;
    ssl_certificate_key  /path/to/forum_linma_com.key;

    location / {
        proxy_pass  http://localhost:3000;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;
        proxy_buffering off;
        proxy_set_header        Host            static.example.com;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

nginx :

http://wiki.nginx.org/HttpProxyModule

Apache

:

Root CA Certificate - AddTrustExternalCARoot.crt
Intermediate CA Certificate - COMODOAddTrustServerCA.crt
Intermediate CA Certificate - COMODOExtendedValidationSecureServerCA.crt

: combined-ca.crt

:

<VirtualHost 0.0.0.0:443>
   ServerName mydomain.com
   SSLEnable
   SSLEngine on
   SSLCertificateFile /path/to/forum_linma_com.crt
   SSLCertificateKeyFile /path/to/forum_linma_com.key  
   SSLCACertificateFile /path/to/combined-ca.crt

<IfModule mod_proxy.c>
    <Proxy *>
      SSLProxyEngine on
      Order deny,allow
      Allow from all
    </Proxy>

    RewriteEngine on

    ProxyPass / https://127.0.0.1:3000
    ProxyPassReverse /http://127.0.0.1:3000
</IfModule>

</VirtualHost>

3000 - , node.js.

Apache :

http://httpd.apache.org/docs/2.2/mod/mod_proxy.html

+3

@AaronClayton-Dunn.

apache2.conf?

Ubuntu, : /etc/apache2/sites-enabled/mywebsite .

, :

sudo a2dismod default
sudo a2enmod mywebsite
sudo service apache2 restart

0.0.0.0:443 IP-?

0.0.0.0 * (), . IP-, -, , IP- .

(ProxyPass, ProxyPassReverse)?

. , , / , 443 HTTP- 3000, node.js .

+1

More articles:


All Articles