Enable Apache SSL

Quick procedure to enable SSL on Apache WebServer installed on Ubuntu, to deliver contents over a secure connection.

In this procedure, we assume the use of a Self-Signed Certificate.

The problem with using a self-signed certificate for a “real-life” working web server is that any browser connecting to the site will not recognize the certificate authority. This means that the user will be asked to verify the certificate.

1. Create CSR:

openssl genrsa -des3 -out server.key 1024
openssl rsa -in server.key -out server.key.insecure
openssl req -new -key server.key -out server.csr

2. Create server’s Certificate:

openssl x509 -req -days 365 -in server.csr \
  -signkey server.key -out server.crt

3. Copy the right stuff in the right places:

cp server.crt /etc/ssl/certs/
cp server.key /etc/ssl/private/

4. Enable Apache SSL Module:

a2enmod ssl

5. Integrate SSL configuration on your VirtualHost Configuration
(Ex: edit default enabled-site configuration file):

vim /etc/apache2/sites-enabled/000-default
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key

Note: Named-Based VirtualHost is not possible with SSL Enabled, see Apache Documentation.

6. Restart Apache Server:

service apache2 restart

Comments are closed.