EX200 Exam - Question 67

To configure the Apache web server with SSL for encrypted communication on the www.rhce.com domain with IP address 192.100.0.2, follow these steps: 1) Install the mod_ssl module if not already installed: `yum install mod_ssl`. 2) Ensure the HTTP daemon is enabled and running: `systemctl enable --now httpd`. 3) Verify that the SSL module is running: `apachectl -M | grep ssl`. 4) Open the firewall for HTTPS access: `firewall-cmd --zone=public --add-service=https --permanent` and then reload the firewall: `firewall-cmd --reload`. 5) Generate the SSL certificate and key using OpenSSL: `openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/httpd.key -x509 -days 365 -out /etc/pki/tls/certs/httpd.crt`. 6) Edit the Apache SSL configuration file: `vim /etc/httpd/conf.d/ssl.conf` and add the following lines: `SSLCertificateFile /etc/pki/tls/certs/httpd.crt`, `SSLCertificateKeyFile /etc/pki/tls/private/httpd.key`, `<VirtualHost 192.100.0.2:443>`, `DocumentRoot "/var/www/html"`, `ServerName www.rhce.com:443`, `</VirtualHost>`. 7) Create the necessary directory and index page on the specified path (you can download the index page from ftp://server1.example.com during the exam). 8) Finally, restart the Apache service for changes to take effect: `systemctl restart httpd`. This setup ensures the necessary SSL configurations are made and the web server can communicate securely over HTTPS.