I have just successfully set up my Apache 2.2.22 with RapidSSL / GeoTrust SSL green verified certificate, a very cheap and easy to setup solution that is not warning all your customers in red colors.
This tutorial covers
- How to create a Virtual Host in Apache, that will listen on port 443 (HTTPS), you may have different settings for port 80 and 443, it is also easy to turn off / disable (in Apache terms a2dissite) only one port in case of troubleshooting.
- Basic terminology of certificate, private key file suffixes, where to upload them on server under what file permissions accessible to which users or groups. When you generate a SSL certificate or buy it from some trusted authority, it is not a one single file but finaly at least three files ...
- Security concerns with private key and password (if set, you may be asked for a password every time Apache is restarted, ...). Turning on access to port 443 in firewall or Amazon EC2 security group, ...
- How to test, if https://www.example.com is working fine.
- How to redirect https to http, multiple solutions, mostly using Virtual Hosts or ModRewrite module.
- Performance concerns with http vs. https.
- Price and what are your options with buying a SSL certificate from trusted authority.