dreamedge.net

Apache2 & WebDAV & SSL with Ubuntu 8.0.4

2009-01-01T11:53:00+0000

1. パッケージをインストールして,sslの認証情報を作成する

# apt-get install apache2 ssl
# sudo mkdir /etc/apache2/ssl
# sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

2. sslモジュールを有効にする

# a2enmod dav dav_fs dav_lock ssl

3. ssl用のsite設定を行う

ssl用設定のひな型が/usr/shareにあるので,まずそれをコピーして/etc/apache2/site-available/に置く.

# cp /usr/share/doc/apache2.2-common/examples/apache2/extra/httpd-ssl.conf.gz /etc/apache2/site-available/
# gzip -d /etc/apache2/site-available/httpd-ssl.conf.gz
# mv /etc/apache2/site-available/httpd-ssl.conf /etc/apache2/site-available/ssl

VirtualHostやServerName,CertificateKeyFile等の設定を修正する.

--- /etc/apache2/site-available/httpd-ssl.conf 2009-01-01 21:01:18.000000000 +0900
+++ /etc/apache2/site-available/ssl 2008-10-14 20:36:26.000000000 +0900
@@ -34,7 +34,7 @@
 # Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
 #       Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
 #
-Listen 443
+#Listen 443

 ##
 ##  SSL Global Context
@@ -71,12 +71,13 @@ SSLMutex  "file:/var/run/apache2/ssl_mut
 ## SSL Virtual Host Context
 ##

-<VirtualHost _default_:443>
+NameVirtualHost *:443
+<VirtualHost *:443>

 #   General setup for the virtual host
-DocumentRoot "/usr/share/apache2/default-site/htdocs"
-ServerName www.example.com:443
-ServerAdmin you@example.com
+DocumentRoot "/var/ssl"
+#ServerName www.example.com:443
+#ServerAdmin you@example.com
 ErrorLog "/var/log/apache2/error_log"
 TransferLog "/var/log/apache2/access_log"

@@ -96,7 +97,7 @@ SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RS
 #   in mind that if you have both an RSA and a DSA certificate you
 #   can configure both in parallel (to also allow the use of DSA
 #   ciphers, etc.)
-SSLCertificateFile "/etc/apache2/server.crt"
+SSLCertificateFile "/etc/apache2/ssl/apache.pem"
 #SSLCertificateFile "/etc/apache2/server-dsa.crt"

 #   Server Private Key:
@@ -104,7 +105,7 @@ SSLCertificateFile "/etc/apache2/server.
 #   directive to point at the key file.  Keep in mind that if
 #   you've both a RSA and a DSA private key you can configure
 #   both in parallel (to also allow the use of DSA ciphers, etc.)
-SSLCertificateKeyFile "/etc/apache2/server.key"
+SSLCertificateKeyFile "/etc/apache2/ssl/apache.pem"
 #SSLCertificateKeyFile "/etc/apache2/server-dsa.key"

 #   Server Certificate Chain:
@@ -228,4 +229,10 @@ BrowserMatch ".*MSIE.*" \
 CustomLog "/var/log/apache2/ssl_request_log" \
           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

+DavLockDB /var/lock/apache2/DavLock
+Alias /dav "/var/dav"
+<Location /dav>
+    Dav On
+</Location>
+
 </VirtualHost>

4. 公開するdavのディレクトリを設定する

まずはディレクトリを

mkdir /var/dav
htpasswd /var/www/.htpasswd user-name
touch /var/dav/.htaccess

/var/dav/.htaccessを設定する

AuthUserFile /var/www/.htpasswd
AuthGroupFile /dev/null
AuthName "Input password"
AuthType Basic
require valid-user