Apache on CentOS and HTTP -> HTTPS redirection

By | March 24, 2021
0 Comment

Apache HTTP server is a free, open source and popular web Server. It is cross platform server that may run on Linux, Windows and other operating systems. This post is about Apache installation and configuration on CentOS 8. I wrote it for myself as a reminder for future own references. Apache is available in CentOS default software repositories and may be installed without additional repository reconfiguration.
Installation using yum command:


# sudo yum -y install httpd

Start Apache:


# systemctl start httpd.service

Enable Apache:


# systemctl enable httpd.service

Check Apache service status:


# systemctl status httpd.service
● httpd.service – The Apache HTTP Server
 Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
  Active: active (running) since Wed 2021-03-24 10:39:01 CDT; 41min ago
  Docs: man:httpd.service(8)
 Main PID: 374598 (httpd)
  Status: “Total requests: 10; Idle/Busy workers 100/0;Requests/sec: 0.00403; Bytes served/sec: 132 B/sec”
  Tasks: 278 (limit: 24856)
  Memory: 36.2M
  CGroup: /system.slice/httpd.service
    ├─374598 /usr/sbin/httpd -DFOREGROUND
    ├─374599 /usr/sbin/httpd -DFOREGROUND
    ├─374600 /usr/sbin/httpd -DFOREGROUND
    ├─374601 /usr/sbin/httpd -DFOREGROUND
    ├─374602 /usr/sbin/httpd -DFOREGROUND
    └─374845 /usr/sbin/httpd -DFOREGROUND

Mar 24 10:39:01 SVO-VPN-MOW-LNK systemd[1]: Starting The Apache HTTP Server…
Mar 24 10:39:01 SVO-VPN-MOW-LNK systemd[1]: Started The Apache HTTP Server.
Mar 24 10:39:01 SVO-VPN-MOW-LNK httpd[374598]: Server configured, listening on: port 80

Usually default HTTP ports (80 and 443) are not blocked by firewall, otherwise it is a bit how to configure firewall however for snmp service.
The default web page directory is /var/www/html.
Let us create simple html file test.html in that directory and test:


<html>
<title>Test
<h1>&#x263b;</h1>
</body>
</html>

Open in web browser:
test web page
Adding HTTPS. Install additional mod_ssl module for Apache:


# sudo yum install mod_ssl

Create private key (private.key), certificate signing request file (certsr.crs) and self signed certificate file (selfsigned.crt):


# sudo openssl genrsa -out private.key 2048

# sudo openssl req -new -key private.key -out certsr.crs

# sudo openssl x509 -req -days 365 -in certsr.crs -signkey private.key -out selfsigned.crt

Copy the files to the appropriate locations:


# cp private.key /etc/pki/tls/private/

# cp certsr.crs /etc/pki/tls/private/

# cp selfsigned.crt /etc/pki/tls/certs/

Restart Apache:


# sudo systemctl restart httpd

Check Apache status again:


# sudo systemctl status httpd
● httpd.service – The Apache HTTP Server
 Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
  Active: active (running) since Wed 2021-03-24 13:28:08 CDT; 1min 6s ago
  Docs: man:httpd.service(8)
 Main PID: 378931 (httpd)
  Status: “Total requests: 4; Idle/Busy workers 100/0;Requests/sec: 0.0678; Bytes served/sec: 190 B/sec”
  Tasks: 213 (limit: 24856)
  Memory: 33.8M
  CGroup: /system.slice/httpd.service
    ├─378931 /usr/sbin/httpd -DFOREGROUND
    ├─378933 /usr/sbin/httpd -DFOREGROUND
    ├─378934 /usr/sbin/httpd -DFOREGROUND
    ├─378935 /usr/sbin/httpd -DFOREGROUND
    └─378936 /usr/sbin/httpd -DFOREGROUND

Mar 24 13:28:08 SVO-VPN-MOW-LNK systemd[1]: Starting The Apache HTTP Server…
Mar 24 13:28:08 SVO-VPN-MOW-LNK systemd[1]: Started The Apache HTTP Server.
Mar 24 13:28:08 SVO-VPN-MOW-LNK httpd[378931]: Server configured, listening on: port 443, port 80

Currently Apache is listening on 2 ports 80 and 443.

Open /etc/httpd/conf.d/ssl.conf file and update SSLCertificateFile and SSLCertificateKeyFile with previously created files: selfsigned.crt and private.key:


SSLCertificateFile /etc/pki/tls/certs/selfsigned.crt

SSLCertificateKeyFile /etc/pki/tls/private/private.key

Separate Document root location for HTTP and HTTPS protocols. Create /var/www/htmlssl directory, open /etc/httpd/conf.d/ssl.conf and uncomment DocumentRoot and set value to /var/www/htmlssl:


DocumentRoot “/var/www/htmlssl”

Restart Apache.

Now test accessibility to /var/www/html/test.html using HTTP connection:


# curl http://192.168.2.181/test.html
<html>
<title>Test</title>
<body>
<h1>&#x263b;</h1>
</body>
</html>

It works, but for HTTPS protocol shows 404 error:


# curl -k https://192.168.2.181/test.html
<!DOCTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>
<html><head>
<title>404 Not Found</title>
</head><body>
<1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
</body></html>

Create in /var/www/htmlssl similar test.html file as in /var/www/html directory with slightly different content:


<html>
<title>Test SSL</title>
<body>
<h1>SSL &#x263b;</h1>
</body>
</html>

In /etc/httpd/conf/httpd.conf add instruction to the browser to redirect HTTP GET request from any existing page to HTTPS GET request to test.html:


<VirtualHost *:80>
ServerName 192.168.2.181
RedirectMatch 301 / https://192.168.2.181/test.html
RedirectMatch 301 ^ https://192.168.2.181/test.html
</VirtualHost>

Now test redirection in browser, add in address box http://192.168.2.181 or http://192.168.2.181/test.html it should be redirected to https://192.168.2.181/test.html works:
test web page

Leave a Reply

Your email address will not be published. Required fields are marked *