In a previous post, we covered the creation of a CSR and key for obtaining an SSL certificate. Today, we’ll focus on generating a self-signed SSL certificate, a useful step in development and testing environments. Follow along to secure your website with HTTPS.
Generating the SSL Certificate
To create a self-signed SSL certificate, execute the following command:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout www.shkodenko.com.key -out www.shkodenko.com.crt
This command generates a self-signed certificate valid for 365 days.
Configuring Apache
Next step, let’s configure Apache to use the SSL certificate. Add the following configuration to your virtual host file:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName shkodenko.com
ServerAlias www.shkodenko.com
DocumentRoot /home/shkodenko/public_html
ServerAdmin webmaster@shkodenko.com
SSLEngine on
SSLCertificateFile /etc/ssl/certs/www.shkodenko.com.crt
SSLCertificateKeyFile /etc/ssl/private/www.shkodenko.com.key
CustomLog /var/log/apache2/shkodenko.com-ssl_log combined
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /home/shkodenko/public_html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</IfModule>
This configuration sets up SSL for your domain, specifying the SSL certificate and key files.
Checking Syntax and Restarting Apache
Before restarting Apache, it’s crucial to check the configuration syntax:
apachectl -t
If the syntax is correct, restart Apache to apply the changes:
systemctl restart apache2
or
service apache2 restart
Ensure your website now loads with HTTPS. You’ve successfully generated a self-signed SSL certificate and configured Apache to use it!
