Adding public certificate to bitnami azure ubuntu install


#1

Has anyone managed to install a public cert on Ubuntu using the bitnami installer for dreamfactory? I would really appreciate step by step instructions. I looked at https://www.digicert.com/ssl-certificate-installation-ubuntu-server-with-apache2.htm and the folders do not appear the same, I cannot figure it out.


#2

I don’t have a cert of my own or my hands on a public webserver (except my personal one at home, which I’m not running any sort of SSL on yet) to test the end result of this, so I’m going to start simple and just correlate the paths from the DigiCert guide with where such things are located on an Ubuntu Bitnami install of 1.8.2-1.

The paths here will depend on the root directory you selected when running the Bitnami installer. I selected /opt/bitnami/dreamfactory1.8.2-1/ so if you installed elsewhere just substitute your path there. Once within my /dreamfactory1.8.2-1/ directory, everything I see should look the same to you (subdirectories apache2, apps, common, config, git, img, licenses, mysql, php, postgresql, scripts, and sqlite).

Since this is configuration of the A part of the Bitnami LAMP stack, and not DSP-related, I have relied heavily on Bitnami’s own documentation wiki and forum.

Assuming I had already placed and assigned proper permissions to the following files in /opt/bitnami/apache2/conf/ (their actual location is of little import as long as their location is known):

myDomain.crt
myKey.key
myAuthority.crt

First, I would edit /opt/bitnami/apache2/conf/extra/httpd-ssl.conf to change the values (found starting around line 100 in the file)

SSLCertificateFile "/opt/bitnami/dreamfactory-1.8.2-1/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/bitnami/dreamfactory-1.8.2-1/apache2/conf/server.key"
#SSLCertificateChainFile "/opt/bitnami/dreamfactory-1.8.2-1/apache2/conf/server-ca.crt"

to the values

SSLCertificateFile "/opt/bitnami/dreamfactory-1.8.2-1/apache2/conf/myDomain.crt"
SSLCertificateKeyFile "/opt/bitnami/dreamfactory-1.8.2-1/apache2/conf/myKey.key"
SSLCertificateChainFile "/opt/bitnami/dreamfactory-1.8.2-1/apache2/conf/myAuthority.crt"

(note the value SSLCertificateChainFile needs to be un-commented, assuming you’re provided (as most CAs do) a CA bundle file).

Then I would restart Apache. Might as well use the nice script Bitnami provides:

sudo /opt/bitnami/ctlscript.sh restart apache

Then, ostensibly, my server would be up and running with the Bitnami vhost responding to HTTPS requests with the new certificate I provided. @alindzon let’s start there, and let me know how it goes.