Creating SSL Certificate on Apache2 Web Servers
Creating SSL Certificate on Apache2 web servers will enable you to secure the data transmitted within your website without the need for certificates purchased from certificate authorities. This is useful on when you want to secure your data but it can also hinder users from proceeding to your website since they will encounter a warning that states that the certificate installed in your website is not signed by a trusted certificate authority.
Nonetheless, if you are aiming to install a self-signed certificate created on Apache2 for your website, you can follow the guideline in here.
Godaddy is a great option for reliable, cheap SSL certs. Get the best price.
Creating a Self-Signed Certificate on Apache2
The guideline below shows how creating SSL Certificate on Apache2 web servers could be possible. Following the guide will allow you to create your self-signed certificate and install then activate it on your server to secure your website.
- Create your self-signed certificate through Apache2.
Of course, before you can create your own self-signed certificate, you need to install Apache2 first. This will allow you to run all the commands needed for the creation and installation of the self-signed cert.
Run this command to install Apache2:
sudo apt-get install apache2
Once you are done, enable the SSL Module by running this command:
sudo a2enmod ssl
After activating the SSL Module, create a folder where the certificate will be stored:
sudo mkdir -p /etc/apache2/ssl/
Now is the self-signed certificate creation part. Run this command to generate a self-signed cert:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
Make sure that you provide all the necessary info about your website when you are prompted to answer questions for the self-signed certificate. The ‘common name’ is the domain name of your website where the certificate will be used. Make it a point to provide the accurate domain name to avoid problems.
You will have a self-signed certificate on your /etc/apache2/ssl directory. The files are named: apache.crt and apache.key.
- Activate the SSL Certificate
To activate the certificate that you just created, you need to open the /etc/apache2/sites-available/default-ssl.conf and add the cert files.
Make sure that your SSL file is properly edited to ensure that your self-signed certificate is used and your website is accessed through HTTPS protocol.
After retesting Apache2, you should be able to test your website and see if it is being accessed using the HTTPS protocol through the self-signed cert. Of course, you will see a warning regarding the SSL Certificate as it is self-signed. You should add your site on your trusted site list if you want to keep your browser from showing you the warning.
Creating your self-signed certificate is useful when trying to secure access and information on your website. But, it may not as useful when trying to gain more users as browsers will advise online users about the self-signed certificate. If you want to prevent this from happening, install an SSL Certificate from trusted certificate authorities like Symantec and GoDaddy. Since they are trusted and recognized by browsers, users won’t see warnings when accessing your SSL protected site.