How to Create an Apache SSL Certificate on Ubuntu
Installing SSL certificate on ubuntu server is quite easy. Today, I will show you how you can do that. Please follow following steps and you will be able to install SSL on your server.
First open terminal and connect to your server using terminal. I hope you know how to connect to server using ssh command. Once you are connected just copy and paste following command one by one.
- sudo apt-get install apache2
- sudo a2enmod ssl
- sudo service apache2 restart
- sudo mkdir /etc/apache2/ssl
- sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
Fill following information. I have provided you with examples.
Generating a 2048 bit RSA private key
...................................................................................+++
.+++
writing new private key to '/etc/apache2/ssl/apache.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]: <- Example: NP
State or Province Name (full name) [Some-State]:<- Example: 3
Locality Name (eg, city) []:<- Example: Lalitpur
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <- Example: Cyclone Nepal Info Tech
Organizational Unit Name (eg, section) []: <- Example: IT
Common Name (e.g. server FQDN or YOUR name) []: <- Example: Santosh Maharjan
Email Address []:<- Example: [email protected]
- sudo nano /etc/apache2/sites-available/default-ssl.conf
Make sure you type sudo, otherwise you might get permission denied message while saving default-ssl.conf file. Now, search the section starting with <VirtualHost _default_:443>, and add following line right below below Server Admin email:
- ServerName your_website_domain_name or ip_address
Scroll down on the same file and add two line right bellow SSLEngine on
- SSLCertificateFile /etc/apache2/ssl/apache.crt
- SSLCertificateKeyFile /etc/apache2/ssl/apache.key
Once you are done, close the file and save it. Now to enable the virtual host type following command in your terminal.
- sudo a2ensite default-ssl
Now restart apache server using following command.
- sudo service apache2 reload
Once, the apache service is reloaded, you will be able to see your site running in https.
But wait, are you still getting http instead of https?
Well, this issue might occur if you are calling some images or request directly by providing http://www.yourdomain.com/img/1.jpg. How to check this? Ok, let me show you how to check this.
- In your browser, open
Web Inspector - Select
Consoletab withinWeb Inspector.
In console section you will see which file or request is requesting http request instead of https. Here is an example.
[Warning] The page at https://domainname.com/users was allowed to display insecure content from http://domainname.com/img/preloader.gif. (app.js, line 2222)
So, you just need to make sure that preloader.gif image is requested as https. But in above example, you can see, it is requesting as http://domainname.com/img/preloader.gif
Well, that’s all guys. Once you follow all of the above points, you will be able to see your website fully secured(https). I hope, this was helpful to you and will share my article. Let’s share and care for others.
Thank you