How to Create an SSL Certificate on Apache for Ubuntu 12.04

Setting up SSL/TLS certificates is essential for securing communications between your server and clients. This guide will show you how to create and install an SSL certificate on Apache for Ubuntu 12.04.

1. Install Apache and SSL Module

Ensure that Apache and the SSL module are installed:

sudo apt-get update
sudo apt-get install apache2
sudo a2enmod ssl

2. Create a Directory for SSL Certificates

Create a directory to store your SSL certificates and keys:

sudo mkdir /etc/apache2/ssl

3. Generate a Self-Signed SSL Certificate

Generate a private key and a self-signed SSL certificate with the following command:

sudo openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.crt -keyout /etc/apache2/ssl/apache.key

You will be prompted to enter some information. Fill in the details as appropriate for your organization. For local development, you can use placeholder values.

4. Configure Apache to Use SSL

Create or edit the SSL configuration file for Apache. Use the default SSL configuration file as a template:

sudo nano /etc/apache2/sites-available/default-ssl

Update the file with the following configuration:



    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/apache.crt
    SSLCertificateKeyFile /etc/apache2/ssl/apache.key

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    

Save and close the file (press Ctrl+X, then Y, and Enter).

5. Enable the SSL Site and Restart Apache

Enable the SSL site and restart Apache to apply the changes:

sudo a2ensite default-ssl
sudo service apache2 restart

6. Verify SSL Installation

Open a web browser and navigate to https://your_server_ip. You should see your site with HTTPS, and the browser will likely display a warning because the certificate is self-signed.

7. Obtain a Trusted SSL Certificate (Optional)

For a production environment, it is recommended to obtain an SSL certificate from a trusted Certificate Authority (CA). You can use services like Let's Encrypt for a free, trusted certificate.

8. Keep Your SSL Certificates Updated

Ensure you renew your SSL certificates before they expire to maintain secure communications. Regularly check for updates and renewals if using a CA-signed certificate.

Was this answer helpful? 0 Users Found This Useful (0 Votes)