Skip to content

Instantly share code, notes, and snippets.

@stephdl

stephdl/selfsigned_certificate.md

Last active December 23, 2025 13:20
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save stephdl/3184040c5b3283debd8f433fb156da08 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save stephdl/3184040c5b3283debd8f433fb156da08 to your computer and use it in GitHub Desktop.
Download ZIP
Certificat autosigné avec apache
Raw
selfsigned_certificate.md

Certificat Autosigné et Configuration VirtualHost HTTPS

1. Générer le Certificat Autosigné

Générez la clé privée et le certificat (valide 365 jours) :

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
  -keyout /etc/ssl/private/glpi.key \
  -out /etc/ssl/certs/glpi.crt

Vous serez invité à remplir les informations du certificat. Exemple pour GLPI :

Country Name (2 letter code) [AU]: FR
State or Province Name [Some-State]: Brittany
Locality Name (eg, city) []: Rennes
Organization Name (eg, company) [Internet Widgits Pty Ltd]: MyCompany
Organizational Unit Name (eg, section) []: IT
Common Name (eg, your name or your server's hostname) []: 192.168.12.118
Email Address []: admin@example.com

Vérifiez les permissions :

sudo chmod 600 /etc/ssl/private/glpi.key
sudo chmod 644 /etc/ssl/certs/glpi.crt

2. Activer les Modules Apache Requis

sudo a2enmod ssl
sudo a2enmod rewrite
sudo a2enmod alias

Vérifiez que les modules sont activés :

sudo apache2ctl -M | grep -E "ssl_module|rewrite_module"

3. Configuration du VirtualHost HTTPS

Créez un fichier de configuration :

sudo nano /etc/apache2/sites-available/glpi-ssl.conf

Collez cette configuration :

<VirtualHost *:443>
    ServerAlias 192.168.12.118
    DocumentRoot /var/www/html
    
    # Configuration SSL
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/glpi.crt
    SSLCertificateKeyFile /etc/ssl/private/glpi.key
    
    # Configuration GLPI
    Alias "/glpi" "/var/www/html/glpi/public"
    
    <Directory /var/www/html/glpi/public>
        Require all granted
        RewriteEngine On
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule ^(.*)$ index.php [QSA,L]
    </Directory>
    
    # Logs
    ErrorLog ${APACHE_LOG_DIR}/glpi-error.log
    CustomLog ${APACHE_LOG_DIR}/glpi-access.log combined
</VirtualHost>

4. Redirection HTTP vers HTTPS (optionnel)

Pour rediriger automatiquement HTTP vers HTTPS, modifiez ou créez le VirtualHost HTTP :

sudo nano /etc/apache2/sites-available/glpi.conf
<VirtualHost *:80>
    ServerAlias 192.168.12.118
    DocumentRoot /var/www/html
    
    # Redirection vers HTTPS
    Redirect permanent / https://192.168.12.118/
</VirtualHost>

5. Activer les Sites

# Activer le site HTTPS
sudo a2ensite glpi-ssl.conf

# Activer le site HTTP (optionnel)
sudo a2ensite glpi.conf

# Désactiver les sites par défaut si nécessaire
sudo a2dissite 000-default.conf

6. Tester et Redémarrer Apache

Testez la syntaxe de configuration :

sudo apache2ctl configtest

Vous devriez voir : Syntax OK

Redémarrez Apache :

sudo systemctl restart apache2

Vérifiez le statut :

sudo systemctl status apache2

Résumé des Commandes Essentielles

# Générer le certificat
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
  -keyout /etc/ssl/private/glpi.key \
  -out /etc/ssl/certs/glpi.crt

# Activer les modules
sudo a2enmod ssl rewrite alias

# Configurer les vhosts
sudo nano /etc/apache2/sites-available/glpi-ssl.conf
sudo nano /etc/apache2/sites-available/glpi.conf

# Activer les sites
sudo a2ensite glpi-ssl.conf glpi.conf

# Tester et redémarrer
sudo apache2ctl configtest
sudo systemctl restart apache2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment