Web

Entries from February 2008

Quicksearch

Monday, February 18. 2008

PHP and SSL with Lighttpd on Debian Etch Posted by Filip Van Raemdonck in Web at 21:43

Comment (1)
Trackback (1)

PHP and SSL with Lighttpd on Debian Etch

First, a question: dear lazyweb, how do I completely disable non-SSL access with lighttpd? I can't seem to find how to have a lighttpd SSL-only configuration. (and only binding port 80 on localhost does not count for an answer)

On to the subject. While it's easy to add SSL to lighttpd and enable PHP (through fastcgi) — and Debian makes it even easier with it's lighty-enable-mod tool — if you only do it once in a blue moon then it's not exactly resident knowledge. So here are the steps to do it, on Debian Etch:
  1. apt-get the lighttpd, php4-cgi or php5-cgi, and openssl packages
  2. lighty-enable-mod fastcgi
  3. if using php5, update the path to the cgi binary in /etc/lighttpd/conf-available/10-fastcgi.conf (it's preconfigured for php4)
  4. lighty-enable-mod ssl
  5. update the path to the SSL certificate in /etc/lighttpd/conf-available/10-ssl.conf
  6. restart the lighttpd server

That's all there is to it. Well, strictly speaking there's a step 4a: install a certificate; but that's arguably not a part of the configuration process.
(for reference: openssl req -new -x509 -keyout /etc/lighttpd/selfcert.pem -out /etc/lighttpd/selfcert.pem -days 365 -nodes will generate a self-signed certificate)
« previous page   (Page 1 of 1, totaling 1 entries)   next page »
Frontpage

about this blog

This weblog contains the ramblings of Filip Van Raemdonck. He is a male system administrator in his early thirties, happily married, and happens to be passionate about fast motorcycles and photography.

Syndicate This Blog

Archives

August 2008
July 2008
June 2008
Recent...
Older...

Categories


All categories

Comments

Jan about Linde
Mon, 18.08.2008 20:49 CEST
Congratulations!


Ozgur Karatas about Linde
Mon, 18.08.2008 09:07 CEST
oh my god, one very beautifull feeling.. I know on me :) The happiness! Ozgur


Filip about Back
Thu, 03.07.2008 19:36 CEST
Everything's going great with the pregnancy. Only six weeks left now :) It's a hard tim e when you lose a baby, [...]


lou about Back
Tue, 01.07.2008 22:18 CEST
Robertsonian translocation how's thing turn out since las t Sept? I read your story abo ut the baby thing. I am [...]


Adult Ühler about I'm junior now
Mon, 30.06.2008 14:36 CEST
I didn't know there were these kinds of exams. I am new to l inux and still don't know how to do barely anything in [...]


Thomas Koch about I'm junior now
Sun, 06.04.2008 16:59 CEST
You're right, that not only so me, but many questions in the LPI are not up to date and tha t you probably don't use [...]


Filip Van Raemdonck about Lilo LVM fixed root
Fri, 04.04.2008 13:14 CEST
Sure, it does it's job fine (m ost of the time :). And it's straightforward. Why not us e it?


Matthew W. S. Bell about Lilo LVM fixed root
Thu, 27.03.2008 19:53 CET
You still use LILO?!


Anonymous Coward about Lilo LVM fixed root
Thu, 27.03.2008 00:51 CET
Can't you use UUID-naming?


Filip about Clueless
Tue, 18.03.2008 21:45 CET
If it were the old blog, it /m ight/ have been from some comm ent spam. Then again, I cou ldn't find any reference [...]