Configuring One-Way SSL Authentication

Procedure
1. Ensure that the mod_ssl module is available in the Apache HTTP server installation.
2. Enable the mod_ssl module as follows:
   1. Open the APACHE_HOME/conf/httpd.conf file for editing.
   2. Uncomment the following directive in the httpd.conf file, if commented. If this directive does not exist, add it in the file:

         LoadModule ssl_module APACHE_ROOT/modules/mod_ssl.so

      where APACHE_ROOT is the actual path of the Apache HTTP server installation which must be SSL enabled.

   3. Uncomment the following line in the file:

      #Include conf/extra/httpd-ssl.conf

   4. Save the changes in the file.
3. Open the APACHE_HOME/conf/extra/httpd-ssl.conf file for editing.
   1. Set the values for the specified directives (if not already set), as follows:

      SSLEngine on

      SSLCertificateFile "Name_of_Server_public_certificate"

      SSLCertificateKeyFile "Name_of_Server_private_key"

      SSLCACertificateFile Name_of_CA_Certificate

      SSLVerifyClient none

   2. Set the Listen directive if you want to change the default port value for SSL requests:

         Listen listening_port_value

   3. Save the changes made to the APACHE_HOME/conf/extra/httpd-ssl.conf file.
4. Import the CA certificate as specified in the SSLCACertificateFile directive of the Apache Server configuration.
5. Verify that the SSL configuration is working.
   1. Open a web browser window.
   2. Enter the following URL to verify the connection to the Apache server.
      http://machine_name:listening_port_value

      For example,

      http://<machine-name>:8443

6. Verify that the connection to the Apache server is successful.