Add SSL to localhost on apache / linux

Leave a reply

Generate a Certificate Signing Request

1. Generate the keys for the Certificate Signing Request (CSR)

openssl genrsa -des3 -out server.key.secure 1024

2. Create the insecure key.

openssl rsa -in server.key.secure -out server.key.insecure

3. Create the CSR.

openssl req -new -key server.key.insecure -out server.csr

Fill in the appropriate information.

4. Create the self-signed certificate

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

This creates server.crt

5. Install the self-signed certificate

sudo cp server.crt /etc/ssl/certs
sudo cp server.key /etc/ssl/private

Now you can configure apache with the ability to use public-key cryptography to use the certificate and key files.

Configure Apache to use SSL on local host

6. Enable ssl

sudo a2enmod ssl

7. Edit your default-ssl site (make backup copy)

Change:

SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

To:

SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key

8. Enable the default-ssl site.

sudo a2ensite default-ssl

8. Restart the server.

sudo service apache2 restart

Navigate to https://localhost and examine your certificate details

Share

Leave a Reply

Your email address will not be published. Required fields are marked *