{"id":8,"date":"2003-08-17T02:54:36","date_gmt":"2003-08-17T02:54:36","guid":{"rendered":"https:\/\/143-42-55-146.ip.linodeusercontent.com\/?p=8"},"modified":"2003-08-17T02:54:36","modified_gmt":"2003-08-17T02:54:36","slug":"vyhra-nad-mod_ssl","status":"publish","type":"post","link":"https:\/\/nax.cz\/?p=8","title":{"rendered":"VICTORY OVER MOD_SSL"},"content":{"rendered":"<p>In the end I pulled it off: my web server finally speaks SSL. I wanted to get it working mainly because of the invoicing. Now I just have to figure out how to forbid unencrypted access to a particular directory and that's that. But boy, did it give me a hard time. First I installed the Debian package with mod_ssl. It didn't help. Then I found some settings for http.conf, but it really isn't that simple. After the installation of apache-ssl failed because of dependencies, I tried my luck with the sources. I downloaded the sources of openssl, mod_ssl and a new apache. That was this morning (well, actually yesterday morning). 
At first I thought the biggest problem would be forcing the Debian paths on it, which I'm already used to and, more importantly, which already hold everything I need, but once I had done that, I found that that bastard httpd (BTW I also downloaded the Debian diff for the apache source, and to get the binary to be named apache rather than httpd they simply run the Makefile through sed, hard-coded \ud83d\ude09) that bastard httpd throws an error that it doesn't know LoadModule!<\/p>\n<p>At first I thought the problem was a module that hadn't been compiled, until LOC finally advised me over ICQ that there is a special module that takes care of loading the other modules. After that it wasn't so hard to find out that the module is called &#8220;so&#8221;; it just escaped me a bit why it isn't enabled by default.<\/p>\n<p>The problems didn't end there, though. For instance, httpd then behaved so that it did start, but on any attempt to communicate the thread simply crashed and the browser displayed nothing and did nothing. Finally, also on LOC's advice, I tried the apachetoolbox utility, but I still got nowhere. It is a utility that configures apache, downloads the requested modules and then compiles the whole thing. 
A bit in the spirit of menuconfig.<\/p>\n<p>In any case, the compiled apache kept behaving just as badly, so I gave up on it and went looking for some blogging tool where I could write a diary instead (and the result is this website). Sometime after eleven, when I had played with the colours enough, it kept nagging at me and I went at that SSL thing again. Somewhere in some discussion group on <a href=\"http:\/\/www.google.com\/grphp\\?q=\\&#038;ie=UTF-8\\&#038;oe=UTF-8\\&#038;hl=cs\\&#038;lr=\\&#038;tab=wg\">Google<\/a> I found advice that the directive <i>SSLEngine on<\/i> should be enabled in http.conf, but after that it still didn't work.<\/p>\n<p>This time I started where I should have started right from the beginning, namely in \/var\/log\/apache\/error.log. Well, I won't drag this out any further: in the end I found that my encryption keys had been generated wrong. Previously I had done it using \/usr\/lib\/apache\/mod-ssl-makecert.sh, but in the end I again found a <a href=\"http:\/\/www.modssl.org\/docs\/2.8\/ssl_faq.html\\#cert-real\">link<\/a> in the discussion groups on Google and finally generated the keys nicely by myself following that step-by-step howto. 
To wrap up, I'm attaching a short excerpt from my http.conf covering what I configured today.<\/p>\n<p>Port 80<br \/>\nListen 80<br \/>\nListen 443<\/p>\n<p># SSL<br \/>\n<virtualhost nax.hn.org:443><br \/>\nSSLEngine on<br \/>\nSSLCACertificateFile \/etc\/apache\/ssl\/ca.crt<br \/>\nSSLCertificateFile \/etc\/apache\/ssl\/server.crt<br \/>\nSSLCertificateKeyFile \/etc\/apache\/ssl\/server.key<br \/>\nSSLLog      \/var\/log\/apache\/apache_ssl_engine_log<br \/>\nSSLVerifyClient none<br \/>\n<\/virtualhost><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the end I pulled it off: my web server finally speaks SSL. I wanted to get it working mainly because of the invoicing. Now I just have to figure out how to forbid unencrypted access to a particular directory and that's that. But boy, did it give me a hard time. First I installed the Debian package with mod_ssl. It didn't help. 
Then I found some settings for http.conf, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-8","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/posts\/8","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nax.cz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8"}],"version-history":[{"count":0,"href":"https:\/\/nax.cz\/index.php?rest_route=\/wp\/v2\/posts\/8\/revisions"}],"wp:attachment":[{"href":"https:\/\/nax.cz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nax.cz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nax.cz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}