Enable ssl by typing this command sudo a2enmod ssl
Enabling ssl requires the apache2 service should be restarted, so restart apache by using this command service apache2 restart
Create a directory for the Self-Signed certificate by using sudo mkdir /etc/ssl
Generate Self-Signed Certificate by using the below command
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 - keyout /etc/ssl/client.key -out /etc/ssl/client.crt
The above command generates client.key file and client.crt file
Convert the generated files into pem format by using follwing commands
cat client.key > /etc/ssl/client-key.pem
cat client.crt > /etc/ssl/client-cert.pem
Combine the client-key.pem and client-cert.pem by using this command cat client-key.pem client-cert.pem > client.pem
The client-key.pem is the keyfile and the client.pem is the certificate file for Self- signed certificate
Configuring SSL in /etc/apache2/sites-available/default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin your_email@example.com
ServerName server_domain_or_IP
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/client.pem
SSLCertificateKeyFile /etc/ssl/client-key.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost> </IfModule>
After making these changes, your server block should look similar to this: