Enable SSL on EVE Community (Self-Sign)

Don’t apply this method for EVE-PRO !

Instructions
1. Create certificate Copy and paste : sudo a2enmod ssl sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt fill up all requested fields for certificate 2. Create config files On CLI, copy/paste following lines: cat << EOF > /etc/apache2/sites-enabled/default-ssl.conf <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost DocumentRoot /opt/unetlab/html/ ErrorLog /opt/unetlab/data/Logs/ssl-error.log CustomLog /opt/unetlab/data/Logs/ssl-access.log combined Alias /Exports /opt/unetlab/data/Exports Alias /Logs /opt/unetlab/data/Logs SSLEngine on SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key <FilesMatch "\.(cgi\|shtml\|phtml\|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Location /html5/> Order allow,deny Allow from all ProxyPass http://127.0.0.1:8080/guacamole/ flushpackets=on ProxyPassReverse http://127.0.0.1:8080/guacamole/ </Location> <Location /html5/websocket-tunnel> Order allow,deny Allow from all ProxyPass ws://127.0.0.1:8080/guacamole/websocket-tunnel ProxyPassReverse ws://127.0.0.1:8080/guacamole/websocket-tunnel </Location> </VirtualHost> </IfModule> EOF 3. Restart Apache2 /etc/init.d/apache2 restart Disable SSL 1. To disable SSL a2dismod ssl /etc/init.d/apache2 restart Optional 1. To disable HTTP edit ports.conf file nano /etc/apache2/ports.conf Edit/add Listen: Save cfg with key combo “ctrl+o” (Letter o) and for exit key combo “ctrl+x” 2. Restart Apache2 /etc/init.d/apache2 restart

Instructions

1. Create certificate

Copy and paste :

sudo a2enmod ssl
sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt

fill up all requested fields for certificate

2. Create config files

On CLI, copy/paste following lines:

cat << EOF > /etc/apache2/sites-enabled/default-ssl.conf
<IfModule mod_ssl.c>
    <VirtualHost _default_:443>
        ServerAdmin webmaster@localhost
        DocumentRoot /opt/unetlab/html/
        ErrorLog /opt/unetlab/data/Logs/ssl-error.log
        CustomLog /opt/unetlab/data/Logs/ssl-access.log combined
        Alias /Exports /opt/unetlab/data/Exports
        Alias /Logs /opt/unetlab/data/Logs
        SSLEngine on
        SSLCertificateFile    /etc/ssl/certs/apache-selfsigned.crt
        SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                SSLOptions +StdEnvVars
        </Directory>
        <Location /html5/>
                Order allow,deny
                Allow from all
                ProxyPass http://127.0.0.1:8080/guacamole/ flushpackets=on
                ProxyPassReverse http://127.0.0.1:8080/guacamole/
        </Location>

        <Location /html5/websocket-tunnel>
                Order allow,deny
                Allow from all
                ProxyPass ws://127.0.0.1:8080/guacamole/websocket-tunnel
                ProxyPassReverse ws://127.0.0.1:8080/guacamole/websocket-tunnel
        </Location>
    </VirtualHost>
</IfModule>
EOF

3. Restart Apache2

/etc/init.d/apache2 restart

Disable SSL

1. To disable SSL

a2dismod  ssl
/etc/init.d/apache2 restart

Optional

1. To disable HTTP edit ports.conf file

nano /etc/apache2/ports.conf

Edit/add Listen:

Save cfg with key combo “ctrl+o” (Letter o) and for exit key combo “ctrl+x”

2. Restart Apache2

/etc/init.d/apache2 restart