Enabling SSH (https) for Apache 2 in Ubuntu/Mint/Possibly other Debian distro


# Intall apache
$ sudo apt-get install apache2

# Enable SSL module
$ sudo a2enmod ssl

# Restart Apache
$ sudo service apache2 restart

# Create a directory to store the SSLCertificateFile and SSLCertificateKeyFile
$ mkdir /etc/apache2/ssl

# Generate the keys
$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
Generating a 2048 bit RSA private key
...................................+++
................................+++
writing new private key to '/etc/apache2/ssl/apache.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CA
State or Province Name (full name) [Some-State]:Ontario
Locality Name (eg, city) []:Ottawa
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Ronald Pringadi
Organizational Unit Name (eg, section) []:Engineering
Common Name (e.g. server FQDN or YOUR name) []:ronald-mint.com
Email Address []:webmaster@some-cool-website.com

# Edit your hosts file and add "127.0.0.1 some-cool-website.com"
$ gedit /etc/hosts

# Edit your sites-available ssl config
$ gedit /etc/apache2/sites-available/default-ssl.conf
# Make sure you add the following line under the email
ServerName some-cool-website:443
# Also replace
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

# Activte site
$ sudo a2ensite default-ssl

# Reload Apache
$ sudo service apache2 reload

Open your browser and point it to https://some-cool-website.com. The browser will prompt you that the website is using a self-sign certificate, and do you want to continue and accept that certificate. Answer yes and that’s all to it

Leave a Reply

Your email address will not be published. Required fields are marked *


one × 9 =