Configure SSL

To encrypt communication between your Apache web server and web clients, you need to use the mod_ssl module. Enable this module using the sudo a2enmod ssl command:

apache enable ssl module

The default SSL configuration file is /etc/apache2/sites-available/default-ssl.conf. The default SSL configuration will use a certificate and key generated by the ssl-cert package. The default certificate and keys can be used for testing purposes, but it is recommened that you replace them with a certificate and keys specific to the site or server.

The default-ssl.conf file has the same entries as the default site file (000-default.conf), but it adds directives for SSL. By default, the SSL virtual host will use the port 443:

default-ssl.conf file

To configure Apache for HTTPS, use the sudo a2ensite default-ssl command:

enable ssl apache

The default certificate is /etc/ssl/certs/ssl-cert-snakeoil.pem, and the default key is /etc/ssl/private/ssl-cert-snakeoil.key.


Restart Apache in order for the changes to take effect (sudo service apache2 restart). Now you can access your website using HTTPS:

ssl apache

The default document root is /var/www/html. You will probably get the certificate error page, but you can accept the certificate to view the webpage.

Geek University 2022