This post describe how to quickly enable SSL for apache web server under linux or a Raspberry PI.
1- The first step is to create a directory where we will store the encryption certificates:
sudo mkdir /etc/apache2/ssl
2- We will now generate the certicates, for 3 years (1095 days):
sudo openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -out /etc/apache2/ssl/server.crt -keyout /etc/apache2/ssl/server.key
This will generate the following output:
Generating a 2048 bit RSA private key
writing new private key to ‘/etc/apache2/ssl/server.key’
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Florida
Locality Name (eg, city) :Miami
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Whatever Corp
Organizational Unit Name (eg, section) :IT
Common Name (e.g. server FQDN or YOUR name) :ssl.yoursite.com
Email Address :email@example.com
3- Now we install SSL for Apache:
sudo a2enmod ssl
4- We will edit the default Apache site (sudo nano /etc/apache2/sites–enabled/000–default–ssl.conf) and add the following lines:
5- Restart Apache:
sudo /etc/init.d/apache2 restart