In this article, we will see, how to setup a self-signed SSL certificate and configure it to use with Apache Web Server in Ubuntu Linux platform.
This is a continuation of the article titled “Setting up a name based Virtual Host in Apache Web Server”
In this article, we are setting up a self-signed SSL certificate in Ubuntu 11.04. It is important to note that, self-signed SSL certificates are used only in private and local networks.
1. Setting up a self signed SSL certificate
1.1. Installing Open SSL
$sudo apt-get install openssl
1.2 Creating a directory called local under the directory /etc/ssl
$sudo mkdir /etc/ssl/local
1.3 Creating a self-signed SSL Certificate
sudo openssl req -new -x509 -days 365 -nodes -out /etc/ssl/local/apache.pem -keyout /etc/ssl/local/apache.key
Now, openssl tool asks to enter some basic details to create the SSL certificate.On entering the details, a new self-signed certificate will be generated in the directory /etc/ssl/local.
2. Configuring Apache Web Server to use SSL Certificate
2.1 Edit the file /etc/apache2/ports.conf to direct Apache to listen the port 443
In this step, we are adding two steatements, such as NameVirtualHost *:443 and Listenen443, to the file /etc/apache2/ports.conf.
NameVirtualHost *:80 NameVirtualHost *:443 Listen 80 <IfModule mod_ssl.c> Listen 443 </IfModule> <IfModule mod_gnutls.c> Listen 443 </IfModule>
2.2 Add VirtualHost to serve requests to port 443
We have created the file /etc/apache2/sites-available/wptrafficanalyzer.local in the article titled “Setting up a name based Virtual Host in Apache Web Server“. Edit the file to include virtualhost entry to serve secured http ( https ) requests.
<VirtualHost *:80> ServerName wptrafficanalyzer.local DirectoryIndex index.html index.php DocumentRoot /var/www/wpta </VirtualHost> <VirtualHost *:443> SSLEngine On SSLCertificateFile /etc/apache2/ssl/apache.pem SSLCertificateKeyFile /etc/apache2/ssl/apache.key ServerName wptrafficanalyzer.local DocumentRoot /var/www/wpta </VirtualHost>
2.3 Enable Apache’s ssl module
$sudo a2enmod ssl
2.4 Restart Apache Server
$sudo service apache2 restart
3. Testing the self signed SSL certificate
In the above steps, we have created a self signed SSL certificate and configured to use it with Apache web server. Now let us test the configured server by accessing it via a web browser by entering the given below address :
Then a security warning will be displayed in the browser while accessing the site first time, since it is a self signed certificate. If you Proceed anyway, the web page shown in the figure 2 will be displayed.
I am George Mathew, working as software architect and Android app developer at wptrafficanalyzer.in
You can hire me on hourly basis or on project basis for Android applications development.
For hiring me, please mail your requirements to email@example.com.
My other blogs