Create a Self-Signed SSL Certificate for Apache2 HTTP in Ubuntu 19.04 — codementor.tech
for a detail explanation please refer THIS link.
STEP 1: Install APACHE2 HTTP Server
If you don’t have APACHE2 HTTP installed, Simply type below command in your terminal. This command helps you to install APACHE2 HTTP server on Ubuntu 18.04.
sudo apt update
sudo apt install apache2Step 2: Creating Self-Signed Certificates
When you can’t install or afford trusted certificates from a certificate authority, you may get by with self-signed certificates. Both trusted, and self-signed certificates are the same and use the same protocols… the only difference is, one is trusted by a third party, and the other is not.
When you’re ready, run the commands below to generate the private server key as well as the self-signed SSL/TLS certificate for the chiragpatel.com domain… you’ll be using.
Note: chiragpatel.com is my server name
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/chiragpatel.com.key -out /etc/ssl/certs/chiragpatel.com.crtAfter running the commands above, you’ll be prompted to answer a few questions about the certificate you’re generating… answer them and complete the process.
Generating a 2048 bit RSA private key
........+++
.....................+++
writing new private key to 'mydomain.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:Gujarat
Locality Name (eg, city) []:Vadodara
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example Company
Organizational Unit Name (eg, section) []:SSL Unit
Common Name (e.g. server FQDN or YOUR name) []:chiragpatel.com
Email Address []:chiragpatel@programmingschool.ioPlease enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: LEAVE BLANK
An optional company name []:
Step 3: Installing The Certificates
After generating the certificate, the next step will be to install it on an Apache2 server. To do that, open Apache2 SSL/TLS config file in Ubuntu and add the highlighted lines below…
sudo nano /etc/apache2/sites-available/default-ssl.conf<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
ServerName chiragpatel.com
ServerAlias www.chiragpatel.com
DocumentRoot /workspace/chiragpatel ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined #Include conf-available/serve-cgi-bin.conf # SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/ssl/certs/chiragpatel.com.crt
SSLCertificateKeyFile /etc/ssl/private/chiragpatel.com.key
#
#SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
#SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key </VirtualHost>
</IfModule>
Save and close it.
Next, open Apache2 default site config file and make sure the domain name is defined.
sudo nano /etc/apache2/sites-available/000-default.confOr else you can create the separate file.
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName chiragpatel.com
ServerAlias www.chiragpatel.com ServerAdmin chiragpatel@programmingschool.io
DocumentRoot /workspace/chiragpatel
</VirtualHost>sudo apachectl configtest
sudo a2enmod ssl
sudo a2ensite default-sslsudo systemctl restart apache2.serviceor sudo service apache2 restart
You will see, follow the instaructions,
Step 4: Redirect
Open,
sudo vim /etc/apache2/sites-available/000-default.confAdd below a line,
<VirtualHost *:80>
. . . Redirect permanent "/" "https://chiragpatel.com/" . . .
</VirtualHost>
Save and close the file.
Restart Apache2 and check again.
sudo systemctl restart apache2That’s it. cheers.
Happy Coding!
