{"id":12372,"date":"2024-11-23T03:25:00","date_gmt":"2024-11-23T03:25:00","guid":{"rendered":"https:\/\/myprojects.advchaweb.com\/?p=12372"},"modified":"2024-11-23T03:45:51","modified_gmt":"2024-11-23T03:45:51","slug":"create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-22-04","status":"publish","type":"post","link":"https:\/\/myprojects.advchaweb.com\/index.php\/2024\/11\/23\/create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-22-04\/","title":{"rendered":"Create a Self-Signed SSL Certificate for Apache in Ubuntu 22.04"},"content":{"rendered":"

Ref: https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-22-04<\/p>\n

1. open up the firewall ufw for the http<\/code>\u00a0and\u00a0https<\/code>\u00a0ports:
\n[codesyntax lang=”bash”]<\/p>\n

satria@teddy:~$ sudo ufw allow \"Apache Full\"\r\n[sudo] password for satria: \r\nERROR: Could not find a profile matching 'Apache Full'<\/pre>\n
[\/codesyntax]<\/p>\n
2. enable\u00a0mod_ssl<\/code>
\n[codesyntax lang=”bash”]<\/p>\n
satria@teddy:~$ sudo a2enmod ssl\r\nConsidering dependency mime for ssl:\r\nModule mime already enabled\r\nConsidering dependency socache_shmcb for ssl:\r\nEnabling module socache_shmcb.\r\nEnabling module ssl.\r\nSee \/usr\/share\/doc\/apache2\/README.Debian.gz on how to configure SSL and create self-signed certificates.\r\nTo activate the new configuration, you need to run:\r\n  systemctl restart apache2\r\n\r\nsatria@teddy:~$ sudo systemctl restart apache2<\/pre>\n
[\/codesyntax]<\/p>\n
3. Creating the TLS Certificate
\n[codesyntax lang=”bash”]<\/p>\n
satria@teddy:~$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout \/etc\/ssl\/private\/apache-selfsigned.key -out \/etc\/ssl\/certs\/apache-selfsigned.crt\r\n.+.......+.....+.+........+...................+..+...+...+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+......+.........+.........+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.....+.......+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\r\n..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+..+...+...............+.+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.......+...+......+...+......+.....+....+...+..+...+.......+.....+......+.......+.........+...........+.......+...+...+..+.........+....+..+....+...+..+...+.+..+.......+.....+......+.+......+..............+.+.....+.........+......+.........+....+.........+...+.......................+.......+...+......+...+...+..+.......+.....+....+.................+....+.....+.............+......+..+....+...+.....+......+...................+..+.........................+.....+......+....+.....+....+.........+..+.+..+.+.........+..+...+.......+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\r\n-----\r\nYou are about to be asked to enter information that will be incorporated\r\ninto your certificate request.\r\nWhat you are about to enter is what is called a Distinguished Name or a DN.\r\nThere are quite a few fields but you can leave some blank\r\nFor some fields there will be a default value,\r\nIf you enter '.', the field will be left blank.\r\n-----\r\nCountry Name (2 letter code) [AU]:ID\r\nState or Province Name (full name) [Some-State]:My State\r\nLocality Name (eg, city) []:My City\r\nOrganization Name (eg, company) [Internet Widgits Pty Ltd]:LimauSoft\r\nOrganizational Unit Name (eg, section) []:IT Department\r\nCommon Name (e.g. server FQDN or YOUR name) []:satria\r\nEmail Address []:xxx@yahoo.com<\/pre>\n
[\/codesyntax]<\/p>\n
4. Configuring Apache to Use TLS
\n[codesyntax lang=”bash”]<\/p>\n
satria@teddy:~$ sudo gedit \/etc\/apache2\/sites-available\/mywebsite.test.conf<\/pre>\n
[\/codesyntax]<\/p>\n
the config file like this
\n[codesyntax lang=”php”]<\/p>\n
<VirtualHost mywebsite.test:80> \r\n  ServerName www.mywebsite.test \r\n  Redirect \/ https:\/\/mywebsite.test\/ \r\n<\/VirtualHost>\r\n\r\n<VirtualHost mywebsite.test:443> \r\n  ServerName www.mywebsite.test \r\n  DocumentRoot \"\/home\/satria\/Documents\/projects\/mywebsite\" \r\n  DirectoryIndex index.php \r\n  <Directory \"\/home\/satria\/Documents\/projects\/mywebsite\"> \r\n    AllowOverride All \r\n    Allow from All \r\n    Require all granted \r\n  <\/Directory> \r\n  \r\n  SSLEngine on\r\n  SSLCertificateFile \/etc\/ssl\/certs\/apache-selfsigned.crt\r\n  SSLCertificateKeyFile \/etc\/ssl\/private\/apache-selfsigned.key\r\n   \r\n  ErrorLog \/var\/log\/apache2\/mywebsite.error.log \r\n  CustomLog \/var\/log\/apache2\/mywebsite.access.log combined \r\n<\/VirtualHost><\/pre>\n
[\/codesyntax]
\ndon’t forget to reload\/restart apache2 service<\/p>\n
5. Now load your site in a browser, being sure to use\u00a0https:\/\/<\/code>\u00a0at the beginning.<\/p>\n
You should see an error. This is normal for a self-signed certificate! The browser is warning you that it can’t verify the identity of the server, because our certificate is not signed by any of its known certificate authorities. For testing purposes and personal use this can be fine. You should be able to click through to advanced<\/strong>\u00a0or\u00a0more information<\/strong>\u00a0and choose to proceed.<\/p>\n","protected":false},"excerpt":{"rendered":"
Ref: https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-22-04 1. open up the firewall ufw for the http\u00a0and\u00a0https\u00a0ports: [codesyntax lang=”bash”] satria@teddy:~$ sudo ufw allow “Apache Full” [sudo] password for satria: ERROR: Could not find a profile matching ‘Apache Full’ [\/codesyntax] 2. enable\u00a0mod_ssl [codesyntax lang=”bash”] satria@teddy:~$ sudo a2enmod ssl Considering dependency mime for ssl: Module mime already enabled Considering dependency socache_shmcb for ssl: … Continue reading “Create a Self-Signed SSL Certificate for Apache in Ubuntu 22.04”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,132],"tags":[],"class_list":["post-12372","post","type-post","status-publish","format-standard","hentry","category-tutorial","category-ubuntu-22-04"],"_links":{"self":[{"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/posts\/12372","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/comments?post=12372"}],"version-history":[{"count":4,"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/posts\/12372\/revisions"}],"predecessor-version":[{"id":12374,"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/posts\/12372\/revisions\/12374"}],"wp:attachment":[{"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/media?parent=12372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/categories?post=12372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/myprojects.advchaweb.com\/index.php\/wp-json\/wp\/v2\/tags?post=12372"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}