1
00:00:00,570 --> 00:00:06,480
Now, here we want to implement the secure http server that mean we want to secure.

2
00:00:06,510 --> 00:00:07,900
our apache web server.

3
00:00:07,940 --> 00:00:16,040
we want to access the website not by using http, but we want to use it by accessing https

4
00:00:16,050 --> 00:00:19,420
that mean we want to implement https.

5
00:00:20,010 --> 00:00:23,510
So our lab settings are going to be like this again.

6
00:00:23,520 --> 00:00:30,510
We are having a single IP address on our master.example.com, we have implemented the Apache

7
00:00:30,510 --> 00:00:32,440
Web server, in host file.

8
00:00:32,460 --> 00:00:39,620
We are going to make the entry 172.24.0.1 www.example.com.

9
00:00:39,630 --> 00:00:42,280
and /var/www/html is going to be our DocumentRoot.

10
00:00:42,310 --> 00:00:46,980
now, here for https.

11
00:00:47,040 --> 00:00:49,230
We will be configuring two files.

12
00:00:49,500 --> 00:00:55,530
One will be httpd.config file and the second file important for you implementing https

13
00:00:55,530 --> 00:01:03,360
server is ssl.conf and again it is in which directory conf.d directory.

14
00:01:03,660 --> 00:01:10,170
So these are the two configuration file needed for implementing your https.

15
00:01:10,560 --> 00:01:18,000
And then what we are going to do, we are going to create one self signed certificate for this example,

16
00:01:18,000 --> 00:01:23,370
although you can purchase the certificate from the certifying authorities.

17
00:01:24,270 --> 00:01:29,850
But here in our case, we are going to create one self signed certificate.

18
00:01:30,180 --> 00:01:38,190
So in our case, the name of the certificate is going to be master.crt and we have to store that certificate

19
00:01:38,190 --> 00:01:39,210
in one directory.

20
00:01:39,230 --> 00:01:43,210
That is called /etc/pki means public key infrastructure.

21
00:01:43,230 --> 00:01:47,340
then tls directory is there transport layer security, in certificate.

22
00:01:47,340 --> 00:01:53,370
We have put this certificate and before creating this self-signed certificate, we need to create one

23
00:01:53,370 --> 00:01:54,170
private key.

24
00:01:54,180 --> 00:02:04,370
We are going to name our private key as a master key and we are going to store it in the directory /etc/pki

25
00:02:04,830 --> 00:02:05,760
tls/private in this directory.

26
00:02:06,390 --> 00:02:11,280
then from client system, we go to system C10 and C20.

27
00:02:11,460 --> 00:02:20,550
We can test by using elinks --dump https://www.example.com and with curl also we can specify

28
00:02:20,730 --> 00:02:29,490
curl -k https://www.example.com and we can view the whether we have successfully implemented

29
00:02:29,490 --> 00:02:31,770
this https or not.