Apache + HTTPS redirect on Debian

When will you need an automatically HTTPS redirection for your web service? Which means whenever client try to access the HTTP version, Apache will handle its redirection and forward them to HTTPS version. This technical is well known for most public web service which related to sensitives personal information, e.g. webmail, ebussiness, and epayment.

This simple mini-HOWTO will guide you though this useful skill with Apache 2.2 and Debian etch.

Install required packages
Run the following command to get Apache install for you Debian:

apt-get update
apt-get install apache2 ssl-cert

Setup HTTPS for Apache

First of all you will need to generate the SSL certificate:

mkdir -p /etc/apache2/ssl
make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

And symbolic link the SSL module for activation:

ln -s /etc/apache2/mods-available/ssl.* /etc/apache2/mods-enabled/
Edit /etc/apache2/ports.conf to enable port 443 for Apache:
Listen 80
Listen 443

You should have etc/apache2/sites-available/default which linked as /etc/apache2/sites-enabled/000-defaultas default. Copy etc/apache2/sites-available/default as etc/apache2/sites-available/default-ssl, and edit original etc/apache2/sites-available/default as:

NameVirtualHost *:80
<VirtualHost *:80>
…
</VirtualHost>

And modify the new etc/apache2/sites-available/default-ssl as:

NameVirtualHost *:443
<VirtualHost *:443>
…
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
…
</VirtualHost>

For sure that you will need to symbolic link etc/apache2/sites-available/default-ssl as /etc/apache2/sites-enabled/000-default-ssl for HTTPS activation:

Restart you Apache and test the HTTPS connection (e.g. https://localhost/). You should have same result as that of HTTP version (http://localhost):

Done.