Testing Your Certificate

When the secure server is installed by the Red Hat Linux installation program, a random key and a generic certificate are installed, for testing purposes. You can connect to your secure server using this certificate. For any purposes other than testing, however, you need to get a certificate from a CA or generate a self-signed certificate. See the section called Types of Certificates if you need more information on the different types of certificates available.

If you have purchased a certificate from a CA or generated a self-signed certificate, you should have a file named /etc/httpd/conf/ssl.key/server.key, containing your key, and a file named /etc/httpd/conf/ssl.crt/server.crt, containing your certificate. If your key and certificate are somewhere else, move them to these directories. If you changed any of the default locations or filenames for the secure Web server in your Apache configuration files, you should put these two files in the appropriate directory, based on your modifications.

Now, stop and start your server as described in the section called Starting and Stopping httpd in Chapter 14. If your key file is encrypted, you will be asked for the password. Type in your password and your server should start.

Point your Web browser to your server's home page. The URL to access your secure Web server will look like this:

https://your_domain

NoteNote
 

Note the "s" after "http." The https: prefix is used for secure HTTP transactions.

If you are using a CA-signed certificate from a well-known CA, your browser will probably automatically accept the certificate (without prompting you for input) and create the secure connection. Your browser will not automatically recognize a test or a self-signed certificate, because the certificate is not signed by a CA. If you are not using a certificate from a CA, follow the instructions provided by your browser to accept the certificate. You can just accept the defaults by clicking Next until the dialogs are finished.

Once your browser accepts the certificate, your secure Web server will show you a default home page as shown in Figure 13-1.

Figure 13-1. The Default Home Page