Setting up a self signed SSL certificate with Apache

I’m assuming you have Apache installed.

Enable the SSL mod for apache:

sudo a2enmod ssl

Create a directory for the certificates:

sudo mkdir /etc/apache2/ssl

Generate the certificate:

sudo openssl req -x509 -nodes -days 365000 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

Openssl will ask for some information, make sure you set the FQDN properly, the rest don’t matter.

Now edit your virtualhost to point to port 443:

<VirtualHost *:443>

Add the port to the server name directive:


Then enable SSL and point the virtualhost at the certificates:

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

Save the file and restart Apache

sudo service apache2 restart

Now if you want to redirect non-SSL requests to the SSL port add another virtualhost that looks like the following:

NameVirtualHost *:80
<VirtualHost *:80>
   Redirect permanent /

Then a2ensite the new virtualhost and restart Apache once more.

Apt can’t see sources? Try changing the User Agent

If you are trying to use apt behind a corporate firewall, try changing the user agent apt is using with wget to load the package lists. By default it uses:

User-Agent: Debian APT-HTTP/1.3

which isn’t recognised by the filter.

1. Create and edit /etc/apt/apt.conf

sudo vi /etc/apt/apt.conf

2. Paste the following into the file:

  http::User-Agent "Mozilla/5.0 (Windows NT 5.1; rv:25.0) Gecko/20100101 Firefox/25.0";

3. Update apt

sudo apt-get update