This guide explains how to set up the Brain Beats project to run locally using Apache web server with a self-signed SSL certificate, allowing you to access the site over HTTPS.

• Apache2 installed: Ensure you have Apache2 installed on your system. You can install it using your distribution's package manager (e.g., sudo apt-get install apache2 on Debian/Ubuntu).

Enable the SSL module in Apache if it's not already enabled:

sudo a2enmod ssl

Enable virtual host support for SSL:

sudo a2enmod socache_shmcb
sudo a2enmod ssl
sudo a2enmod http2

Create a new VirtualHost configuration file for your project. For example, create a file named brain-beats-ssl.conf in /etc/apache2/sites-available/:

<VirtualHost *:443>
    ServerName localhost
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/brain-beats.crt
    SSLCertificateKeyFile /etc/ssl/private/brain-beats.key

    <Directory /var/www/html>
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/brain-beats-error.log
    CustomLog ${APACHE_LOG_DIR}/brain-beats-access.log combined
</VirtualHost>

Note:

• ServerName: Set to localhost for local access.
• DocumentRoot: Set to /var/www/html, assuming this is where your project files are located. Adjust if necessary.
• SSLCertificateFile: Path to your SSL certificate file (we'll generate this in the next step).
• SSLCertificateKeyFile: Path to your SSL private key file (we'll generate this in the next step).
• <Directory /var/www/html>: Configures directory access permissions for your project directory.

Generate a self-signed SSL certificate and key using openssl:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/ssl/private/brain-beats.key \
-out /etc/ssl/certs/brain-beats.crt \
-subj "/C=US/ST=State/L=Locality/O=Brain Beats/CN=localhost"

This command will:

• Generate a 2048-bit RSA private key (brain-beats.key).
• Create a self-signed certificate (brain-beats.crt) valid for 365 days.
• Store the key and certificate in /etc/ssl/private/ and /etc/ssl/certs/ respectively.
• You will be prompted to enter information for the certificate. You can use placeholder values for most fields, but ensure CN=localhost for the "Common Name" to match your ServerName.

Enable the VirtualHost by creating a symbolic link from the configuration file to Apache's sites-enabled directory:

sudo a2ensite brain-beats-ssl.conf

If you want to ensure that only your Brain Beats project is served on port 443, disable the default Apache VirtualHost:

sudo a2dissite 000-default.conf

Restart Apache to apply the changes:

sudo systemctl restart apache2

You should now be able to access your Brain Beats project locally over HTTPS by navigating to https://localhost in your web browser.

Since you are using a self-signed certificate, your browser will likely display a warning that the connection is not secure. To avoid this, you can import the self-signed certificate as a trusted certificate authority in your browser.

1. Navigate to Chrome Settings: Open Chrome and go to chrome://settings/security.
2. Manage Certificates: Scroll down to "Advanced" and click on "Manage certificates".
3. Import Certificate: In the "Certificates" dialog, go to the "Authorities" tab.
4. Import: Click "Import..." and browse to the location where you saved brain-beats.crt (e.g., /etc/ssl/certs/brain-beats.crt).
5. Trust the Certificate: Follow the prompts to import the certificate and ensure you trust it for website identification.
6. Restart Browser: Close and reopen your browser.

After importing the certificate, the browser warning should be gone when you access https://localhost.

Note:

• Self-signed certificates are not trusted by default by browsers because they are not issued by a recognized Certificate Authority (CA). Importing the certificate as a trusted authority tells your browser to trust certificates signed by this specific certificate.
• This setup is for local development only. For production environments, you should use certificates issued by a trusted Certificate Authority.