Operation and Maintenance
Linux Operation and Maintenance
How to create and install a self-signed certificate in Apache
How to create and install a self-signed certificate in Apache
SSL is useful for secure communication between users and web servers. The certificate encrypts the data as it travels over public wires so that it is not vulnerable to hackers. Self-signed certificates are free to use, but are not used in production environments, such as when using confidential data such as credit card or Paypal information. This article will introduce you to creating and installing a self-signed certificate in the Apache server on a Linux system.
Step 1: Install mod_ssl package
To set up an SSL certificate, make sure mod_ssl is installed on your system. If it is not installed yet, you need to use the following command to install it. Additionally, install the openssl package to create the certificate.
$ sudo apt-get install openssl # Debian based systems $ sudo yum install mod_ssl openssl # Redhat / CentOS systems $ sudo dnf install mod_ssl openssl # Fedora 22+ systems
Step 2: Create a self-signed certificate
After installing mod_ssl and openssl, use the following command to create a self-signed certificate for your domain.
$ sudo mkdir -p /etc/pki/tls/certs $ sudo cd /etc/pki/tls/certs
Now create the SSL certificate
$ sudo openssl req -x509 -nodes -newkey rsa:2048 -keyout example.com.key -out example.com.crt
Output
Generating a 2048 bit RSA private key ....................................+++ ...................................+++ writing new private key to 'example.com.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]: IN State or Province Name (full name) []: Delhi Locality Name (eg, city) [Default City]: Delhi Organization Name (eg, company) [Default Company Ltd]: TecAdmin Organizational Unit Name (eg, section) []: blog Common Name (eg, your name or your server's hostname) []: www.example.com Email Address []: admin@example.com
The above command will create an ssl key file example.com.key and a certificate file example in the current directory .com.crt.
Step 3: Install the self-signed certificate in Apache
Now you have the self-signed SSL certificate and key file. Next edit the Apache SSL configuration file and follow the instructions below to edit/update it.
Apache virtual host configuration:
<VirtualHost _default_:443>
ServerAdmin admin@example.com
ServerName www.example.com
ServerAlias example.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/example.com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/example.com.key
</VirtualHost>Step 4: Restart Apache
If the above command does not show any errors, please restart the Apache service.
$ sudo systemctl restart apache2 # Debian based systems $ sudo systemctl restart httpd # Redhat based systems
Step 5: Test the website using https
Finally, open your site in your web browser using https. It requires port 443 to be opened to access the site using HTTPS.
https://www.example.com
When we use a self-signed certificate, you will receive a warning message in your browser, just ignore this message.
The above is the detailed content of How to create and install a self-signed certificate in Apache. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1378
52
How to run the h5 project
Apr 06, 2025 pm 12:21 PM
Running the H5 project requires the following steps: installing necessary tools such as web server, Node.js, development tools, etc. Build a development environment, create project folders, initialize projects, and write code. Start the development server and run the command using the command line. Preview the project in your browser and enter the development server URL. Publish projects, optimize code, deploy projects, and set up web server configuration.
How to export pdf with xml
Apr 03, 2025 am 06:45 AM
There are two ways to export XML to PDF: using XSLT and using XML data binding libraries. XSLT: Create an XSLT stylesheet, specify the PDF format to convert XML data using the XSLT processor. XML Data binding library: Import XML Data binding library Create PDF Document object loading XML data export PDF files. Which method is better for PDF files depends on the requirements. XSLT provides flexibility, while the data binding library is simple to implement; for simple conversions, the data binding library is better, and for complex conversions, XSLT is more suitable.
Apache Troubleshooting: Diagnosing & Resolving Common Errors
Apr 03, 2025 am 12:07 AM
Apache errors can be diagnosed and resolved by viewing log files. 1) View the error.log file, 2) Use the grep command to filter errors in specific domain names, 3) Clean the log files regularly and optimize the configuration, 4) Use monitoring tools to monitor and alert in real time. Through these steps, Apache errors can be effectively diagnosed and resolved.
How to generate pom.xml
Apr 03, 2025 am 06:00 AM
There are the following ways to generate a pom.xml file: Use Maven Archetype to provide predefined project templates to automatically generate pom.xml files for specific types of projects. Use the Maven Helper plugin to provide commands to generate pom.xml files. Create manually to customize the pom.xml file for the project.
How to set character encoding on the server side to solve Bootstrap Table garbled
Apr 07, 2025 pm 12:00 PM
To set character encoding on the server side to solve the garbled Bootstrap Table, you need to follow the following steps: check the server character encoding; edit the server configuration file; set the character encoding to UTF-8; save and restart the server; verify the encoding.
Cannot start mysql in xampp
Apr 08, 2025 pm 03:15 PM
There are many reasons why XAMPP fails to start MySQL, including port conflicts, configuration file errors, insufficient system permissions, service dependency issues, and installation issues. The troubleshooting steps are as follows: 1) Check port conflicts; 2) Check configuration files; 3) Check system permissions; 4) Check service dependencies; 5) Reinstall MySQL. Follow these steps and you can find and resolve issues that cause MySQL startup to fail.
How to preview the Bootstrap page
Apr 07, 2025 am 10:06 AM
The preview methods of Bootstrap pages are: open the HTML file directly in the browser; automatically refresh the browser using the Live Server plug-in; and build a local server to simulate an online environment.
Summary of phpmyadmin vulnerabilities
Apr 10, 2025 pm 10:24 PM
The key to PHPMyAdmin security defense strategy is: 1. Use the latest version of PHPMyAdmin and regularly update PHP and MySQL; 2. Strictly control access rights, use .htaccess or web server access control; 3. Enable strong password and two-factor authentication; 4. Back up the database regularly; 5. Carefully check the configuration files to avoid exposing sensitive information; 6. Use Web Application Firewall (WAF); 7. Carry out security audits. These measures can effectively reduce the security risks caused by PHPMyAdmin due to improper configuration, over-old version or environmental security risks, and ensure the security of the database.
