Configuring Apache to Use TLS - toge510/homelab GitHub Wiki

Configuring Apache to Use TLS

Enable mod_ssl

sudo a2enmod ssl
sudo systemctl reload apache2

Copy /etc/apache2/sites-available/default-ssl.conf to /etc/apache2/sites-available/ssl.conf.

Edit /etc/apache2/sites-available/ssl.conf.

SSLCertificateFile    /etc/ssl/newcerts/01.pem	
SSLCertificateKeyFile /etc/ssl/private/server.key

Enable ssl.conf

sudo a2ensite ssl

Test for configuration errors.

sudo apache2ctl configtest
sudo systemctl reload apache2
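
A pre-reload check for the files named in ssl.conf, as an added example that is not part of the original wiki: it reads the two directives edited above, confirms the private key is not accessible to other users, confirms the key belongs to the certificate, and optionally verifies the certificate against the CA file. The function names and the script name are hypothetical; it assumes GNU stat, the openssl CLI, and one certificate/key pair per vhost file.

```sh
#!/bin/sh
# Added example, not from the wiki: check the TLS files named in an Apache
# vhost before reloading. Function names are hypothetical. Assumes GNU stat,
# the openssl CLI, and one certificate/key pair per vhost file.

# Print the argument of the first active (uncommented) <directive> in <conf>.
vhost_directive() {   # usage: vhost_directive <conf> <directive>
  awk -v d="$2" 'tolower($1) == tolower(d) { gsub(/"/, "", $2); print $2; exit }' "$1"
}

# Succeed only if the key file exists and grants no access to "other" users.
key_is_private() {    # usage: key_is_private <keyfile>
  [ -f "$1" ] || return 1
  [ "$(( 0$(stat -c '%a' "$1") & 007 ))" -eq 0 ]
}

# Succeed only if the certificate and private key hold the same public key.
cert_matches_key() {  # usage: cert_matches_key <certfile> <keyfile>
  _c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
  _k=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
  [ -n "$_c" ] && [ "$_c" = "$_k" ]
}

# Run all checks; return codes: 2 directive missing, 3 key exposed,
# 4 key/cert mismatch, 5 certificate does not verify against the given CA.
check_vhost_tls() {   # usage: check_vhost_tls <conf> [cafile]
  _cert=$(vhost_directive "$1" SSLCertificateFile)
  _key=$(vhost_directive "$1" SSLCertificateKeyFile)
  if [ -z "$_cert" ] || [ -z "$_key" ]; then
    echo "SSLCertificateFile or SSLCertificateKeyFile not set in $1" >&2; return 2
  fi
  key_is_private "$_key" || { echo "$_key missing or accessible to others" >&2; return 3; }
  cert_matches_key "$_cert" "$_key" || { echo "$_key does not match $_cert" >&2; return 4; }
  if [ -n "${2:-}" ] && ! openssl verify -CAfile "$2" "$_cert" >/dev/null 2>&1; then
    echo "$_cert does not verify against $2" >&2; return 5
  fi
  echo "ok: $_cert matches $_key"
}

# Stand-alone use with the paths from this page (check_tls.sh is a hypothetical name):
#   sudo sh check_tls.sh /etc/apache2/sites-available/ssl.conf /etc/ssl/certs/cacert.pem
if [ "$#" -gt 0 ]; then check_vhost_tls "$@"; fi
```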

Test

 sudo curl https://server.com --cacert /etc/ssl/certs/cacert.pem

Note: you need an entry of the form `<IP ADDRESS or localhost> server.com` in /etc/hosts.

If you do not specify --cacert, curl uses /etc/ssl/certs/ca-certificates.crt by default. Use the -v option to see the details.

Access Server on Google chrome browser

Assume that the client running the browser is a MacBook.

Download /etc/ssl/certs/cacert.pem to the MacBook and add the CA certificate in Keychain Access.

Open https://server.com in the browser.

Google chrome dev tools

It's useful for checking errors.
