22-1. AZURE firewall ports for HTTPS – Apache and Linux: free SSL self-signed certificate

How to open firewall ports in Azure to allow SSL, HTTPS.

The Azure ports section starts at 1:30 in the video.

This demo runs on an Azure Linux virtual machine, so you will see how to change the security firewall settings there to allow the HTTPS port.

How to install a self-signed SSL certificate on Linux and Apache.

The Linux configuration starts at 3:52 in the video.

Commands:

sudo a2enmod ssl

sudo service apache2 restart

sudo mkdir /etc/apache2/ssl

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/azure.key -out /etc/apache2/ssl/azure.crt

The questions portion looks something like this (for domain “learn-how-to-do.com” located in Canada, Ontario):

Country Name (2 letter code) [AU]:CA
State or Province Name (full name) [Some-State]:Ontario
Locality Name (eg, city) []:Toronto
Organization Name (eg, company) [Internet Widgits Pty Ltd]:LearnHowToDo
Organizational Unit Name (eg, section) []:Department of LearnHowToDo
Common Name (e.g. server FQDN or YOUR name) []:azure.learn-how-to-do.com   (if you want a wildcard domain, put *.learn-how-to-do.com)
Email Address []:your_email@azure.learn-how-to-do.com

The key and certificate will be created and placed in your /etc/apache2/ssl directory.
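
The certificate step above can also be run without the interactive questions and checked before Apache is restarted. The script below is an added example, not from the original post or video: the function names and the scratch directory are assumptions, the subject fields reuse the answers shown above, and `-addext` assumes OpenSSL 1.1.1 or newer.

```shell
#!/usr/bin/env bash
# Added example (not from the original post); function names are assumptions.
set -eu

# make_cert DIR FQDN: the openssl req call from above, prompts answered via -subj.
make_cert() {
    dir=$1; fqdn=$2
    mkdir -p "$dir"
    (
        umask 077   # -nodes leaves the key unencrypted, so create it owner-only
        openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
            -subj "/C=CA/ST=Ontario/L=Toronto/O=LearnHowToDo/CN=$fqdn" \
            -addext "subjectAltName=DNS:$fqdn" \
            -keyout "$dir/azure.key" -out "$dir/azure.crt" 2>/dev/null
    )
    chmod 600 "$dir/azure.key"
    chmod 644 "$dir/azure.crt"
}

# pubkey_fp FILE cert|key: SHA-256 of the public key held in FILE.
pubkey_fp() {
    case $2 in
        cert) openssl x509 -in "$1" -noout -pubkey ;;
        key)  openssl pkey -in "$1" -pubout ;;
    esac | openssl sha256 | awk '{print $NF}'
}

# check_pair DIR FQDN: catch problems that would otherwise only show up at
# Apache restart or in the browser; returns non-zero if any check fails.
check_pair() {
    dir=$1; fqdn=$2; rc=0
    [ "$(pubkey_fp "$dir/azure.crt" cert)" = "$(pubkey_fp "$dir/azure.key" key)" ] \
        || { echo "azure.key does not belong to azure.crt"; rc=1; }
    openssl x509 -in "$dir/azure.crt" -noout -checkend 0 >/dev/null \
        || { echo "certificate has expired"; rc=1; }
    openssl x509 -in "$dir/azure.crt" -noout -checkhost "$fqdn" | grep -q 'does match' \
        || { echo "certificate is not valid for $fqdn"; rc=1; }
    [ "$(ls -l "$dir/azure.key" | cut -c1-10)" = "-rw-------" ] \
        || { echo "azure.key is readable by other users"; rc=1; }
    return $rc
}

# Demo in a scratch directory; on the server DIR is /etc/apache2/ssl (run with sudo).
demo=$(mktemp -d)
make_cert "$demo" azure.learn-how-to-do.com
check_pair "$demo" azure.learn-how-to-do.com && echo "certificate and key are consistent"
```

Running `check_pair /etc/apache2/ssl azure.learn-how-to-do.com` again after regenerating either file confirms that SSLCertificateFile and SSLCertificateKeyFile still point at a matching pair.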

Step Three — Configure Apache to Use SSL

sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/azure-ssl.conf

sudo nano /etc/apache2/sites-available/azure-ssl.conf

The important part of the file is:

————————————————-
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin admin@azure.learn-how-to-do.com
ServerName azure.learn-how-to-do.com
ServerAlias www.your_domain.com
DocumentRoot /var/www/azure
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/azure.crt
SSLCertificateKeyFile /etc/apache2/ssl/azure.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
—————————————————–

Activate the configuration file:

sudo a2ensite azure-ssl.conf

sudo service apache2 restart

Now you can access your web site with HTTPS:

https://server_domain_name_or_IP

NOTE:

If you have different subdomains:

  1. Copy your conf file to a new one:

sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/NEW_WEB_DOMAIN-ssl.conf

  2. Change the directory name and the server name inside:

ServerName NEW-SUB-DOMAIN.learn-how-to-do.com
ServerAlias www.NEW-SUB-DOMAIN.your_domain.com
DocumentRoot /var/www/FOLDER_WHERE_IS_THIS_WEB_SITE

  3. Use this command to activate SSL on that name:

sudo a2ensite NEW_WEB_DOMAIN-ssl.conf

  4. Add one line to ports.conf

In the /etc/apache2/ports.conf settings file, adding NameVirtualHost *:443 will activate multiple subdomains for SSL:

Example:

NameVirtualHost *:80
Listen 80

<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.

NameVirtualHost *:443

Listen 443
</IfModule>

5. Restart the server

sudo service apache2 restart