Installation SSL Certificate on Ubuntu/Linuxmint/Debian to Secure Apache
Installation SSL Certificate on Ubuntu/Linuxmint/Debian to Secure Apache
SSL is a web protocol that is used to send trafic between server and client in a secured manner. It provides secure and encrypted transactions between the browser and websites. This protocol generates a certificate which the end user has to authenticate. In this tutorial, we will cover the installation of SSL to initiate secure session on Ubuntu 18.04.
Prerequisites
Install LAMP(Apache, MariaDB, php)
Installation of OpenSSL
apt-get install openssl
Installation
Create the SSL Certificate as follows
root@linuxhelp1:~# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/ca.key -out /etc/ssl/certs/ca.crt
Generating a 2048 bit RSA private key
...................................................................................................................................................+++
......................+++
writing new private key to '/etc/ssl/private/ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) \[AU\]:IN
State or Province Name (full name) \[Some-State\]:
Locality Name (eg, city) \[\]:
Organization Name (eg, company) \[Internet Widgits Pty Ltd\]:
Organizational Unit Name (eg, section) \[\]:
Common Name (e.g. server FQDN or YOUR name) \[\]:
Email Address \[\]:
Create own HTML directory and site configuration
root@linuxhelp1:~# mkdir /var/www/mine
root@linuxhelp1:~# vim /var/www/mine/index.php
\[..\]
Welcome to Linuxhelp.com
\[..\]
Change ownership and permission of the as own site follows
root@linuxhelp1:~# chown -R www-data.www-data /var/www/mine/
root@linuxhelp1:~# chmod -R 775 /var/www/mine/
Create Virtual Host for accessing the site with SSL certificate as shown below
root@linuxhelp1:~# vim /etc/apache2/sites-available/mine-ssl.conf
\[..\]
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ca.crt
SSLCertificateKeyFile /etc/ssl/private/ca.key
servername www.linuxhelp1.com
Documentroot /var/www/mine
\[..\]
Enable site access
root@linuxhelp1:~# a2ensite mine-ssl.conf
Enabling site mine-ssl.
To activate the new configuration, you need to run:
systemctl reload apache2
Disable default site access
root@linuxhelp1:~# a2dissite default-ssl.conf
Site default-ssl disabled.
To activate the new configuration, you need to run:
systemctl reload apache2
Enable SSL module
root@linuxhelp1:~# a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache\_shmcb for ssl:
Module socache\_shmcb already enabled
Module ssl already enabled
Restart the apache service to make the changes effect
root@linuxhelp1:~# systemctl restart apache2
Now you can proceed the further installation and configuration from the browser by navigating to the following URL: https://
Untrusted connection page appers. Click 'Advanced'
Then click add exception.
Click Confirm security Exception.
You will see the Website that we have configured with SSL certificate
With this, the method to install of SSL to initiate secure session on Ubuntu 18.04 comes to an end.
# a2ensite mine-ssl.conf
# mkdir /var/www/mine
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/ca.key -out /etc/ssl/certs/ca.crt
Install LAMP(Apache, MariaDB, php)