Setting up web infrastructure DNS and HTTPS for your cloud Infrastructure as a Service (OCI)

Goal

The goal of this blog is to set up a DNS name and an HTTPS certificate.

Assumptions 

You would be using Cloudflare to set up your DNS, buying your domain name from GoDaddy, and using Oracle Cloud. All three can vary; however, the procedure remains more or less the same.

Buying a Domain

You need to register a domain with a domain name service provider such as GoDaddy or anyone else. Once you buy the domain name, you can access the default home page within a maximum of 24 hours, and you should be able to access your website and admin console area.

Make a note of the DNS names; these will eventually need to be changed.

Making Note of Public IP Address

We need to map our public IP address from the OCI Console to Cloudflare (assuming that you already have a Cloudflare account created).

Let us assume that our public IP address is A.B.C.D. This is what we need to provide as the website IP address at Cloudflare.

Cloudflare DNS and Hostname Mapping

In the domain name settings, under the DNS tab, enter the newly purchased hostname and map it to the public IP address of the server.

For example, we can map as below:

A record of somedomain.com to A.B.C.D (public IP)

CNAME should have www.yourdomain.com

Scroll down and make a note of the DNS name server URLs; these need to replace the GoDaddy DNS servers.

Generating SSL Certificate from Cloudflare

Select the Crypto tab and generate an SSL certificate. This will create 2 files: 1) yourdomain.crt and 2) yourdomain.key. Copy and paste these as CRT and KEY files; we will later need to upload them to our server.

Important: FTP the KEY and CRT files to any folder of your choice, for example /mnt/path/certificates/

SSH to Server and Modify Apache Settings

sudo vi /etc/apache2/sites-available/000-default.conf

<VirtualHost *:80>

        ServerName yourdomain.com
        ServerAlias www.yourdomain.com

        ServerAdmin webmaster@yourdomain.com

        DocumentRoot /mnt/path/www/html

        # Available loglevels: trace8, ..., trace1, debug, info,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>
<VirtualHost *:443>
        ServerName yourdomain.com
        ServerAlias www.yourdomain.com

        ServerAdmin webmaster@yourdomain.com
        #DocumentRoot /var/www/html
        DocumentRoot /mnt/path/www/html

        SSLEngine on
        SSLCertificateFile /mnt/path/certificates/yourdomain.com.crt
        SSLCertificateKeyFile /mnt/path/certificates/yourdomain.com.key

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
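
Before Apache is reloaded with the port 443 virtual host above, it helps to confirm that the uploaded private key is not readable by other users on the server, that the CRT and KEY files actually belong together, and that the certificate is not close to expiry. The script below is an added example, not part of the original post; the function names are made up for illustration, and it assumes the openssl command is installed on the server.

```shell
#!/bin/sh
# Added example: pre-flight checks for the CRT and KEY files before Apache
# is pointed at them. Function names are illustrative, not from the post.

# Succeeds only if the file grants no permissions to group or others
# (characters 5-10 of the ls mode string are the group and other bits).
key_perms_ok() {
    [ "$(ls -ld -- "$1" 2>/dev/null | cut -c5-10)" = "------" ]
}

# Succeeds only if the public key inside the certificate equals the public
# key derived from the private key, i.e. the two files are a pair.
# "-passin pass:" makes an encrypted key fail instead of prompting.
cert_matches_key() (
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) &&
    key_pub=$(openssl pkey -in "$2" -pubout -passin pass: 2>/dev/null) &&
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
)

# Succeeds if the certificate is still valid N days from now (default 30).
cert_not_expiring() {
    openssl x509 -in "$1" -noout -checkend $(( ${2:-30} * 86400 )) >/dev/null 2>&1
}

# Runs all three checks; stops at the first failure with a reason.
preflight() {
    key_perms_ok "$2" ||
        { echo "FAIL: $2 is missing or readable by group/others (chmod 600)" >&2; return 1; }
    cert_matches_key "$1" "$2" ||
        { echo "FAIL: $1 and $2 are not a matching pair" >&2; return 1; }
    cert_not_expiring "$1" ||
        { echo "FAIL: $1 expires within 30 days" >&2; return 1; }
    echo "OK: certificate and key pass pre-flight checks"
}

# Usage: sh preflight.sh /mnt/path/certificates/yourdomain.com.crt \
#                        /mnt/path/certificates/yourdomain.com.key
if [ "$#" -eq 2 ]; then
    preflight "$1" "$2"
fi
```

If the checks pass, sudo apachectl configtest validates the edited site file before the reload.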

Reality Check 

http://yourdomain.com and http://www.yourdomain.com

https://yourdomain.com and https://www.yourdomain.com

should now be live and serving content from your public IP A.B.C.D