Introduction
An Apache SSL certificate is a specific secure sockets layer (SSL) certificate for an Apache server or web traffic handler.
The Apache license is an open-source license where a community of developers has implemented many resources like HTTP server tools. An Apache SSL certificate helps these kinds of technologies to access the SSL security protocol that is part of many Internet interactions.
In this article, We will learn about how to set up ssl on apache ubuntu 22.04.
1. Prerequisites
- The operating system running Ubuntu Linux
- A root or non-root user with Sudo privileges
- Has stable internet connection
- Terminal window / Command line
2. Install Apache On Ubuntu
If you have installed Apache, you can skip this. If you have not installed Apache, then you click on this link: How to Install Apache on Ubuntu 22.04 LTS
3. Create Apache Virtualhost
First, create an Apache virtual host to serve the HTTP version of the website.
sudo nano /etc/apache2/sites-available/<Your Domain Name>
Then, use the below configuration for your website. Remember to change ServerName, ServerAlias, and Directory stanzas based on your requirement. If you do not use the www subdomain, you can remove the ServerAlias.
<VirtualHost *:80>
ServerName sslforweb.ga
ServerAlias sslforweb.ga, www.sslforweb.ga
ServerAdmin admin@sslforweb.ga
DocumentRoot /var/www/html/sslforweb.ga
ErrorLog ${APACHE_LOG_DIR}/sslforweb.ga_error.log
CustomLog ${APACHE_LOG_DIR}/sslforweb.ga_access.log combined
<Directory /var/www/html/sslforweb.ga>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Once you have created the virtual host configuration file, enable the website.
sudo a2ensite sslforweb.ga
Next, Create a root directory to hold your website's files.
sudo mkdir -p /var/www/html/sslforweb.ga/
Then, Change the ownership and group of the directory.
sudo chown -R www-data:www-data /var/www/html/sslforweb.ga/
If you Finally, place the test HTML file on the website’s document root.
echo "This is a test site @ sslforweb.ga" | sudo tee /var/www/html/sslforweb.ga/index.html
Then, restart the Apache service to re-read the configurations.
sudo systemctl restart apache2
4. Allowing HTTPS Through the Firewall
If the UFW firewall is enabled, as recommended by the prerequisite guides, you’ll need to adjust the settings to allow HTTPS traffic. Upon installation, Apache registers a few different UFW application profiles. You can leverage the 443 port to allow HTTP and HTTPS traffic on your server.
To verify what kind of traffic is currently allowed on your server, check the status:
sudo ufw status
To allow for HTTPS traffic, allow the 443 port:
sudo ufw allow 443
5. Online Generate Free SSL From SslForWeb
If you don't have SSL Certificates, you can generate SSL for free through SslForWeb. Please refer this article: Generate Free Let's Encrypt SSL Certificate.
6. Setup SSL On Apache
This article will use a separate Apache virtual host file instead of the default configuration file. We assume you already have a working apache virtual host for your domain. We can run the command below to copy the sslforweb.com.conf configuration file to yourdomain.com-ssl.conf. Please change sslforweb.ga to your own .conf file in the command to ensure it runs properly.
sudo cp -a /etc/apache2/sites-available/sslforweb.ga{.conf,-ssl.conf}
Now we are going to store the certificate on the server.
First of all, Copy Certicate then run the below command:
sudo nano /etc/ssl/certs/sslforweb.ga.crt
Then paste it certicate and save the file. After, Copy Private Key then run the below command:
sudo nano /etc/ssl/private/sslforweb.ga.key
Then paste it private key and save the file.
Let’s edit the new virtual host ssl file.
sudo nano /etc/apache2/sites-available/sslforweb.ga-ssl.conf
Replace
<VirtualHost *:80>
In the first line with
<VirtualHost *:443>
Then, add these three lines:
SSLEngine on
SSLCertificateKeyFile /etc/ssl/private/sslforweb.ga.key
SSLCertificateFile /etc/ssl/certs/sslforweb.ga.crt
Save the file then exit.
After this, we need to enable the SSL version of your site. We can run this command to enable the site:
sudo a2ensite sslforweb.ga-ssl.conf
At last, check your apache2 configuration by running this command:
sudo apache2ctl -t
If everything is okay, then you will see the “Syntax OK” message, and you can restart Apache.
sudo systemctl restart apache2
Congratulations! At this point, you should be able to enable HTTPS protocol with Apache2 on Ubuntu 22.04.
Thank you for reading this article!