Setting up a self signed SSL certificate with Apache

I’m assuming you have Apache installed.

Enable the SSL mod for apache:

sudo a2enmod ssl

Create a directory for the certificates:

sudo mkdir /etc/apache2/ssl

Generate the certificate:

sudo openssl req -x509 -nodes -days 365000 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

Openssl will ask for some information, make sure you set the FQDN properly, the rest don’t matter.

Now edit your virtualhost to point to port 443:

<VirtualHost *:443>

Add the port to the server name directive:

ServerName example.com:443

Then enable SSL and point the virtualhost at the certificates:

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

Save the file and restart Apache

sudo service apache2 restart

Now if you want to redirect non-SSL requests to the SSL port add another virtualhost that looks like the following:

NameVirtualHost *:80
<VirtualHost *:80>
   ServerName example.com
   Redirect permanent / https://example.com/
</VirtualHost>

Then a2ensite the new virtualhost and restart Apache once more.

By Sam

Drupal developer from Perth, Western Australia. I love programming, gaming, the Internet, growing vegetables and hiking.

Leave a comment

Your email address will not be published. Required fields are marked *