Instalando Certificado SSL / HTTPS no APACHE

CMD - Controle e Automação

9 Jul 202412:53

Summary

TLDRIn this video, the user demonstrates how to install and configure an Apache web server with SSL encryption. The tutorial walks through the basic installation of Apache on a Debian 11 system, enabling HTTPS for secure connections. The user also shows how to create a subdomain, configure port forwarding on the router, and install Certbot for SSL certificate generation. By the end, viewers learn how to set up a secure web server, ensuring data protection for websites. The tutorial provides a simple, practical guide suitable for beginners.

Takeaways

😀 The video demonstrates how to install the Apache server on a machine using the APT package manager.
😀 SSL (Secure Socket Layer) is enabled on the Apache server to ensure secure access via HTTPS.
😀 The Apache installation process is kept simple, without going into too much detail about the configuration.
😀 The tutorial uses a local IP address (192.168.x.x) for testing, which is then mapped to a valid public IP for external access.
😀 A subdomain (apach.ssl) is created on a domain to direct traffic to the Apache server's local IP.
😀 Port forwarding is configured on the router (using the Microtik router) to allow external access to the Apache server on port 80.
😀 The server installation is checked using the systemctl command to ensure Apache is up and running.
😀 SSL certificates are implemented using a tool called 'setbot' to automate the process of getting a valid SSL certificate.
😀 The tutorial shows how to install setbot and configure it with the correct domain name to generate the SSL certificate.
😀 After successfully installing SSL, the server can now accept secure HTTPS connections, indicated by a green padlock in the browser.
😀 The video emphasizes that the SSL certificate will be valid for three months, after which the process needs to be repeated for renewal.

Q & A

What is the primary purpose of this video?
-The primary purpose of the video is to demonstrate how to install Apache on a Debian-based system and configure SSL for secure HTTPS access.
How do you check if Apache is installed on your system?
-You can check if Apache is installed by running the command `systemctl status apache2`. If Apache is installed and running, the status will show as active.
What is the significance of enabling SSL for the Apache server?
-Enabling SSL ensures that the communication between the web server and clients is encrypted, providing a secure connection using HTTPS instead of HTTP.
What tool is used to enable SSL on the Apache server in the video?
-The video uses Certbot, a tool that helps automate the process of obtaining and installing SSL certificates from Let's Encrypt.
What are the ports that need to be forwarded for the Apache server to be accessible externally?
-The necessary ports to forward are port 80 (HTTP) and port 443 (HTTPS) to allow external access to the server.
How do you forward ports on the router to access the Apache server externally?
-You forward the ports through the router’s firewall settings, specifying the local IP of the Apache server (e.g., 192.168.1.74) and the ports (80 and 443) to route the traffic properly.
What is the command to install Certbot on a Debian-based system?
-The command to install Certbot is `sudo apt install certbot python3-certbot-apache`.
How does Certbot generate an SSL certificate for the domain?
-Certbot generates an SSL certificate by running the command `sudo certbot --apache`, where it automatically detects the Apache configuration, requests the certificate from Let's Encrypt, and installs it on the server.
What should you do if the SSL certificate from Let's Encrypt is about to expire?
-You will need to renew the SSL certificate. This can be done manually by rerunning the Certbot command or automatically using Certbot's renewal feature (set up with a cron job).
What limitation does the Let's Encrypt SSL certificate have?
-The Let's Encrypt SSL certificate is valid for only 3 months, and it needs to be renewed periodically.