SSL Encryption

Secure communication with your web server by using self-signed SSL certificates.

The typical method of enabling SSL encryption in Apache is to use mod_ssl. A downside of that approach is that SSL does not work with name-based Virtual Hosts (see "Why can't I use SSL with name-based/non-IP-based virtual hosts?"). An alternative is to use mod_gnutls, which supports name-based SSL-enabled Virtual Hosts through the Server Name Indication (SNI) feature of the SSL/TLS protocol. However, SNI requires a newer web browser such as Firefox 2.x, Opera 8.x, Internet Explorer 7.x+, Google Chrome, or Safari 3.2.1.

  • mod_ssl instructions:
    Enable SSL in Apache config
    Enable the SSL config file in the main Apache config, /usr/local/apache2/conf/httpd.conf by uncommenting:

    Include conf/extra/httpd-ssl.conf

    Edit /usr/local/apache2/conf/extra/httpd-ssl.conf and comment out the default <VirtualHost> directive (all the lines in it).
    Virtual Hosts with SSL
    There are a variety of gotchas when using SSL with Virtual Hosts, but with a wildcard certificate you can do it (though the end user will still get warnings).
    Edit /usr/local/apache2/conf/extra/httpd-vhosts.conf and add the NameVirtualHost directive:

    NameVirtualHost *:443

    Then create an entry for your VirtualHost:

    <VirtualHost *:443>
      ServerName example.com
      ServerAlias www.example.com
      DocumentRoot /path/to/www.example.com
      # Note: SSL settings only need to be defined once!
      SSLEngine On
      SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
      SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
    </VirtualHost>

    For additional VirtualHosts, you can omit the key information:

    <VirtualHost 192.168.1.200:80 192.168.1.200:443>
      ServerName subsite.example.com
      DocumentRoot /path/to/subsite.example.com
    </VirtualHost>
  • mod_gnutls instructions:

Restart Apache using daemontools:

svc -t /service/apache

Verify that it all works by accessing your site from your web browser. Be sure to use "https" instead of "http".
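
A pre-flight check for the wildcard approach described above, as an added example that is not part of the original guide: it collects the hostnames served on port 443 from a vhost file and reports any that the certificate's names do not match. The sample config and the certificate name `*.example.com` are constructed; a wildcard stands for exactly one left-most label, so the bare `example.com` is reported as uncovered.

```python
import re

# Constructed sample mirroring the vhost entries above (not read from disk).
SAMPLE_VHOSTS = """\
NameVirtualHost *:443
<VirtualHost *:443>
  ServerName example.com
  ServerAlias www.example.com
  # Note: SSL settings only need to be defined once!
  SSLEngine On
</VirtualHost>
<VirtualHost 192.168.1.200:80 192.168.1.200:443>
  ServerName subsite.example.com
</VirtualHost>
<VirtualHost *:80>
  ServerName plain.example.org
</VirtualHost>
"""

def https_hostnames(conf_text):
    """Return ServerName/ServerAlias values from vhosts that listen on port 443."""
    names, in_https = [], False
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith("#"):          # Apache comments occupy a whole line
            continue
        opening = re.match(r"<VirtualHost\s+(.+)>$", line, re.I)
        if opening:
            in_https = any(a.endswith(":443") for a in opening.group(1).split())
        elif re.match(r"</VirtualHost>", line, re.I):
            in_https = False
        elif in_https:
            m = re.match(r"(ServerName|ServerAlias)\s+(.+)", line, re.I)
            if m:
                names.extend(n.lower() for n in m.group(2).split())
    return names

def cert_covers(pattern, host):
    """Wildcard matching: '*' stands for exactly one left-most label."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if len(p) != len(h):
        return False
    return (p[0] == "*" or p[0] == h[0]) and p[1:] == h[1:]

def uncovered(conf_text, cert_names):
    """Hostnames served over HTTPS that no certificate name matches."""
    return [h for h in https_hostnames(conf_text)
            if not any(cert_covers(c, h) for c in cert_names)]

if __name__ == "__main__":
    print(uncovered(SAMPLE_VHOSTS, ["*.example.com"]))
```

Listing both `*.example.com` and `example.com` as certificate names makes the check come back empty for this sample.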

Resources
Guide to Webserver SSL Certificates
