How To Install SSL Certificates On Apache2 Web Server

SSL for your websites is cool! Not only can you keep information private between those visiting your sites and your server, but you can also be rewarded for that. Implementing SSL for your blogs or websites will allow your sites to be promoted to higher ranks on Google Search Engine Result Pages (SERP).

This brief tutorial is going to show you how to easily implement SSL for your websites using Apache2. Once SSL is in place, you can then install your web applications on top of that, including WordPress or other content management systems.

Before you can get started, please make sure you have Ubuntu installed as well as root access to your server. Once you’ve verified those things, continue below to install and configure SSL for your sites.

For this tutorial, we’re going to be installing self-signed certificate. Self-signed certificates are the ones installed on web servers that browsers display warnings when users┬ávisit them.

In order for a web browser to trust a certificate presented to it by the server, it must be issued by a trusted certificate authority (CA). Since that certificate we’re installing in this test is self-signed and not signed by a trusted third-party, browsers that attempt to browse to this server using self-signed certificates will display warnings.

You can ignore that warnings and proceed, but at your own risk. This will work fine for encrypting your data, but you’ll always get a warning when you try to visit the site, unless you add it to your trusted site list.

When you’re ready, run the commands below to install Apache2

sudo apt-get install apache2

Then run the commands below to enable Apache2 SSL module.

sudo a2enmod ssl

Next, run the commands below to create a SSL folder.

sudo mkdir -p /etc/apache2/ssl/

Next, run the commands below to generate a self-sign certificate.

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

Running the above commands will prompt you to answer few questions.. follow the guide below to answer them.

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Minnesota
Locality Name (eg, city) []:Minn
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Blog
Organizational Unit Name (eg, section) []:Dept of Blogging
Common Name (e.g. server FQDN or YOUR name) []:myblog.com
Email Address []:[email protected]

The new key should be stored in /etc/apache2/ssl directory called apache.crt alogn with its key called apache.key. From there you can reference the certificate on your sites.

When you want to reference this certificate for your websites, use the lines below into your virtual host directives for individual sites in the sites-available directory or globally for all sites in the /etc/apache2/mods-available/ssl.conf.

Or open /etc/apache2/sites-available/default-ssl.conf. Add the certificate file and turn on SSL.

Make the change into the SSL file to reference the SSL file stored in the /etc/ssl directory as highlighter below.

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin [email protected]
ServerName example.com:443
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

Save the file and restart Apache2 web server. Now.. Put your web content in /var/www/html or where you want it and your web apps will be SSL enabled.

Enjoy!

Leave a Reply

Your email address will not be published. Required fields are marked *