“Wah, udah beberapa minggu ini tidak melakukan postingan di sini, memang sih, akhir2 ini pikiran terfokus pada membantu siswa2 XII TKJ untuk persiapan menghadapi ujian akhir, jadi blog ini agak tersingkirkan dari pikiran. Dan Kebetulan kemaren banyak dari siswa tersebut  bertanya tentang ngaktifkan module ssl di apache, yah, sambil ngingat2 trus browsing2 serta mencoba, jadi deh postingan ini, mudah2an  bermanfaat.

INSTALASI  MySQL

choenkill:~ # yast2 –i mysql

Kemudian jalankan mysql

choenkill:~ # rcmysql start
Creating/Updating MySQL privilege database…
Installing all prepared tables
Fill help tables
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password ‘new-password’
/usr/bin/mysqladmin -u root -h choenkill.punya password ‘new-password’
See the manual for more instructions.
You can test the MySQL daemon with the benchmarks in the ’sql-bench’ directory:
cd sql-bench ; perl run-all-tests
Please report any problems with the /usr/bin/mysqlbug script!
The latest information about MySQL is available on the web at http://www.mysql.com
Support MySQL by buying support/licenses at https://order.mysql.com
Updating MySQL privilege database…
Fixing privilege tables…
Starting service MySQL done
Cek status mysql
choenkill:~ # netstat -lpt | grep “mysql”
tcp 0 0 *:mysql *:* LISTEN 3455/mysqld

Lalu konfigurasi agar mysql dijalan secara otomatis saat start-up

choenkill:~ # chkconfig –add mysql
mysql 0:off 1:off 2:on 3:on 4:off 5:on 6:off

 

Terlihat mysql on pada run level 3 dan 5

Kemudian kita akan mengeset password access mysql (ini bisa dilakukan secara manual, menggunakan command “mysqladmin” atau “mysql_secure_installation”, disini saya menggunakan script “mysql_secure_installation”.

 

choenkill:~ # /usr/bin/mysql_secure_installation

Terlihat pesan seperti dibawah ini:

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we’ll need the current
password for the root user. If you’ve just installed MySQL, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.Enter current password for root (enter for none):

 

Karena mysql ini baru diinstall (belum ada password), silahkan enter

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we’ll need the current
password for the root user. If you’ve just installed MySQL, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.

 

Enter current password for root (enter for none):

OK, successfully used password, moving on…

 

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Sekarang, tekan enter untuk memberikan sugesti jawaban (huruf besar) untuk setiap pertanyaan.

Set root password? [Y/n]
New password: (type your password, should be more than 10 characters)
Re-enter new password: (re-type your password)
Password updated successfully!
Reloading privilege tables..
… Success!

 

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

 

Remove anonymous users? [Y/n]

 

 

Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.

 

Disallow root login remotely? [Y/n]

… Success!

 

By default, MySQL comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

 

Remove test database and access to it? [Y/n]

- Dropping test database…

… Success!

- Removing privileges on test database…

… Success!

 

Reloading the privilege tables will ensure that all changes made so far

will take effect immediately.

 

… Success!

 

Cleaning up…

 

 

All done! If you’ve completed all of the above steps, your MySQL installation should now be secure.

 

Thanks for using MySQL!

 

Untuk mengecek apakah mysql kita telah terkonfigurasi dengan benar, kita coba untuk menggunakan mysql-client.

choenkill:~ # mysql –u root –p
Enter password:

 

Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9 to server version: 5.0.18
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

 

mysql>

 

Untuk kembali ke shell, lakukan

mysql>quit
bye
choenkill:~ #

 

INSTALASI APACHE DAN PHP5

choenkill:~ #yast2 –i php5
choenkill:~ #yast2 -i php5-mysql
choenkill:~ #yast2 -i apache2
choenkill:~ # yast2 -i apache2-mod_php5

Kemudian jalankan apache2

choenkill:~ # rcapache2 start
Starting httpd2 (prefork) done

Untuk mengecek versi dari php yang terinstall dan file serta direktori penting diletakkan lakukan perintah:

choenkill:~ # httpd2 –V
Server version : Apache/2.2.0
Server built : May 2 2006 08:47:14
Server’s Module Magic Number: 20051115:0
Architecture : 32-bit
Server MPM : Prefork
Threaded : no
Forked : yes (variable process count)
Server compiled with….
-D APACHE_MPM_DIR=”server/mpm/prefork”
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT=”/srv/www”
-D SUEXEC_BIN=”/usr/sbin/suexec2″
-D DEFAULT_PIDLOG=”/var/run/httpd2.pid”
-D DEFAULT_SCOREBOARD=”logs/apache_runtime_status”
-D DEFAULT_LOCKFILE=”/var/run/accept.lock”
-D DEFAULT_ERRORLOG=”/var/log/apache2/error_log”
-D AP_TYPES_CONFIG_FILE=”/etc/apache2/mime.types”
-D SERVER_CONFIG_FILE=”/etc/apache2/httpd.conf”

Lakukan penambahan di chkconfig, agar apache2 dijalankan secara otomatis saat start-up

choenkill:~ # chkconfig –add apache2
apache2 0:off 1:off 2:off 3:on 4:off 5:on 6:off

 

Untuk menenablekan ssl modul di apache, dapat dilakukan dengan a2enflag

choenkill:~ # a2enflag SSL

Atau edit file “/etc/sysconfig/apache2”, yaitu dengan memasukkan SSL di APACHE_SERVER_FLAGS

APACHE_SERVER_FLAGS=” SSL”

Kemudian restart apache2

choenkill:~ # rcapache2 restart
Syntax OK
Shutting down httpd2 (waiting for all children to terminate) done
Starting httpd2 (prefork) done

Cek status http

choenkill:~ # netstat -lpt | grep “http”
tcp 0 0 *:www-http *:* LISTEN 4904/httpd2-prefork
tcp 0 0 *:https *:* LISTEN 4904/httpd2-prefork

Menggenerat SSL keys untuk server ini, menggunakan “gensslcert”

choenkill:~ # gensslcert
comment mod_ssl server certificate
name
C                            XY
ST                         unknown
L                            unknown
U                           web server
O                           SuSE Linux Web Server
CN                        choenkill.punya
email                    webmaster@choenkill.punya
srvdays                730
CAdays                2190creating CA key …
27042 semi-random bytes loaded
Generating RSA private key, 2048 bit long modulus
………………………………………………..+++
……………………………………………………………………………………………………………….+++
e is 65537 (0×10001)

 

 

creating CA request/certificate …
`/etc/apache2/ssl.crt/ca.crt’ -> `/srv/www/htdocs/CA.crt’

 

creating server key …
27042 semi-random bytes loaded
|Generating RSA private key, 1024 bit long modulus
…++++++
…….++++++
e is 65537 (0×10001)

 

creating server request …
creating server certificate …
Signature ok
subject=/C=XY/ST=unknown/L=unknown/O=SuSE Linux Web Server/OU=web server/CN=choenkill.punya/emailAddress=webmaster@choenkill.punya
Getting CA Private Key

 

Verify: matching certificate & key modulus

 

Verify: matching certificate signature
/etc/apache2/ssl.crt/server.crt: OK

 

Kemudian pindah ke direktori /etc/apache2/vhost.d

choenkill:~ # cd /etc/apache2/vhosts.d/
choenkill:/etc/apache2/vhosts.d # ls
vhost-ssl.template vhost.template

 

Copy file vhost-ssl.template kenama mesin kita, disini contohnya “choenkill”

choenkill:/etc/apache2/vhosts.d # cp vhost-ssl.template choenkill.conf
choenkill:/etc/apache2/vhosts.d # ls
choenkill.conf vhost-ssl.template vhost.template

 

Kemudian restart apache2

choenkill:/etc/apache2/vhosts.d # rcapache2 restart
Syntax OK
Shutting down httpd2 (waiting for all children to terminate) done
Starting httpd2 (prefork)

 

Buat sebuah file php di /srv/www/htdocs

choenkill:~ # echo “<?php phpinfo(); ?>” >> /srv/www/htdocs/coba.php

 

Buka browser di client, test server yang kita buat J

http://ipaddress-server/coba.php dan

https://ipaddress-server/coba.php

Sumber : http://en.opensuse.org