====== Certificados SSL ======

===== Resumen =====

==== Comandos ====
 
Generales

<code bash>
apt install apache2
systemctl restart apache2
systemctl status apache2
a2enmod ssl
</code>

Generar Certificados Pasos Detallados
<code bash>
openssl genrsa -out tutorialspedia.key 2048
openssl rsa -in tutorialspedia.key -pubout -out tutorialspedia_public.key
openssl req -new -key tutorialspedia.key -out tutorialspedia.csr
openssl req -text -in tutorialspedia.csr -noout -verify
openssl x509 -in tutorialspedia.csr -out tutorialspedia.crt -req -signkey tutorialspedia.key -days 365
</code>

Generar Certificados Varios Pasos

<code bash>
 openssl genrsa -des3 -out server.key 4096
 openssl req -new -key server.key -out server.csr
 cp server.key server.key.org
 openssl rsa -in server.key.org -out server.key
 openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
 sudo mkdir /etc/apache2/ssl
 sudo cp server.crt /etc/apache2/ssl/server.crt
 sudo cp server.key /etc/apache2/ssl/server.key
</code>

Generar Certificados Un Paso

<code bash>
 openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout apache-selfsigned.key -out apache-selfsigned.crt
</code>

Generar CSR para Comprar un Certificado

<code bash>
 openssl req -newkey rsa:4096 -nodes -keyout example.com.key -out example.com.csr
</code>

Generar CSR para Comprar un Certificado usando llave existente
<code bash>
 openssl req -key example.com.key -new -out example.com.csr
</code>


==== Archivos ====

<code bash>
/etc/apache2/sites-available/000-default.conf
/etc/apache2/sites-available/default-ssl.conf
/etc/ssl/private/
/etc/ssl/certs/
</code>



==== Opciones ====

<code bash>
<IfModule mod_ssl.c>
                SSLEngine on

                SSLCertificateFile      /etc/ssl/certs/apache-selfsigned.crt
                SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
</IfModule>
</code>


==== Referencias ====

  * https://debian-handbook.info/browse/stable/sect.http-web-server.html
  * https://www.techrepublic.com/article/how-to-create-a-self-signed-certificate-to-be-used-for-apache2/
  * https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-18-04
  * https://wiki.debian.org/Self-Signed_Certificate
  * https://www.tecmint.com/install-nginx-with-virtual-hosts-and-ssl-certificate/
  * https://www.tecmint.com/generate-csr-certificate-signing-request-in-linux/


====== Directorios con Clave ======

===== Resumen =====

==== Comandos ====
<code bash>
apt install apache2
apt install apache2-utils
systemctl restart apache2
systemctl status apache2

htpasswd -c /etc/apache2/.htpasswd sammy
</code>
==== Archivos ====
<code bash>
/etc/apache2/sites-enabled/000-default.conf
</code>
==== Opciones ====
<code bash>
    <Directory "/var/www/html">
        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
        Require ip 192.168.0.0/16
    </Directory>
</code>
==== Referencias ====
  * https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-14-04
  * https://www.liquidweb.com/kb/apache-performance-tuning-mpm-directives/
  * https://www.golinuxcloud.com/shell-script-to-generate-certificate-openssl/