Setup SSL on Apache

You first need to enable to SSL module, this can be done as follows:

sudo a2enmod ssl

Then restart apache

sudo service apache2 restart

Create the server encryption keys:

cd /etc/apache2
sudo openssl genrsa -out server.key 2048

Use this set of keys to create a certificate request:

sudo openssl req -new -key server.key -out server.csr

When asked, input the data required (if you use a passphrase be sure to write down, but note you will be asked for this each time apache starts)

sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Install the key and certificate:

sudo cp server.crt /etc/ssl/certs/
sudo cp server.key /etc/ssl/private/

Open the “defaults” file for editing:

cd /etc/apache2/sites-available
sudo nano default-ssl

In this file you need to uncomment the SSLOptions line and also change the SSLCertificate lines to reflect the location and name of your new information.

SSLEngine on
SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key

The port 443 is enabled when you use SSL so that is ready to go.

Enable the default SSL site:

sudo a2ensite default-ssl

hen restart apache

sudo service apache2 restart

Once you have this working you can delete the certificate files you created in your /etc/apache2 directory.