To generate the keys for the Certificate Signing Request (CSR) run the following command from a terminal prompt:
$ openssl genrsa -des3 -out server.key 1024
To create the CSR:-
run the following command at a terminal prompt:
$ openssl req -new -key server.key -out server.csr
Creating a Self-Signed Certificate:-
To create the self-signed certificate, run the following command at a terminal prompt:
$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Installing the Certificate:-
You can install the key file server.key and certificate file server.crt, or the certificate file issued by your CA, by running following commands at a terminal prompt:
$ sudo cp server.crt /etc/ssl/certs
$ sudo cp server.key /etc/ssl/private
Now simply configure any applications, with the ability to use public-key cryptography, to use the certificate and key files. For example, Apache can provide HTTPS.
To configure Apache for HTTPS add the following three lines to the /etc/apache2/sites-available/subversion file
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
Configure Apache Server (https) the Repository:-
We need to be sure the right modules are enabled
$ a2enmod dav
$ a2enmod dav_svn
We must set up virtual host for subversion server. File that you can put in /etc/apache2/sites-available/default (original file).so we can copy the original file (default) to duplication file (subversion).
$ sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/subversion.
Edit file $ sudo vim /etc/apache2/sites-available/subversion
NameVirtualHost 192.170.50.61:443
ServerAdmin webmaster@localhost
#SSLCertificate
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
DAV svn
SVNPath /home/svn/repos
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
#Required authentication
Require valid-user
# Require encryption
SSLRequireSSL
ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
Symbolic link:-
Be sure to make a symbolic link to that file in /etc/apache2/sites-enabled:
$ ln –s /etc/apache2/sites-available/subversion/ /etc/apache2/sites-enabled
Open Port Number:-
Add "Listen 443" to /etc/apache2/ports.conf:
$ sudo vim /etc/apache2/ports.conf
Listen 443
Subversion main configuration file:-
Edit /etc/apache2/mods-available/dav_svn.conf configuration file and follow the instructions:
$ sudo vim /etc/apache2/mods-available/dav_svn.conf
DAV svn
SVNPath /home/svn/repos
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
SSLRequireSSL
User authentication:-
To add the first user, you can run the following command:
$ sudo htpasswd -c /etc/apache2/dav_svn.passwd suresh
Note: If you have just installed SVN, the passwd file will not yet exist and needs to be created using the "-c" switch. Adding any users after that should be done without the "-c" switch to avoid overwriting the passwd file.
Direct repository you can run the following command:
$ sudo svn co file:///home/svn/repos
You should start apache service
$ sudo /etc/init.d/apache2 start
No comments:
Post a Comment