It’s quite an easy and painless process actually but I always forget the step, so I write it here for my own reminder, hope this can help others too ;)
First for apache’s mod-ssl (https) to work, we have to create a certificate.
Creating a certificate
Generate the keys for the Certificate Signing Request (CSR):
openssl genrsa -des3 -out server.key 1024
Create the insecure key, the one without a passphrase:
openssl rsa -in server.key -out server.key.insecure
Shuffle the key names:
mv server.key server.key.secure
mv server.key.insecure server.key
Create the CSR:
openssl req -new -key server.key -out server.csr
Create the self-signed certificate:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Install the key file server.key and certificate file server.crt:
sudo cp server.crt /etc/ssl/certs
sudo cp server.key /etc/ssl/private
Ubuntu:
Enable the mod_ssl module:
sudo a2enmod ssl
Restart the service to enable the new settings:
sudo /etc/init.d/apache2 restart
Slackware:
Edit httpd.conf
pico /etc/httpd/httpd.conf
Enable the mod_ssl module, remove the comment in front of this line:
LoadModule ssl_module lib/httpd/modules/mod_ssl.so
and this:
Include /etc/httpd/extra/httpd-ssl.conf
Change the location of certificate:
SSLCertificateFile “/etc/httpd/server.crt”
to:
SSLCertificateFile “/etc/ssl/certs/server.crt”
SSLCertificateKeyFile “/etc/httpd/server.key”
to:
SSLCertificateKeyFile “/etc/ssl/private/server.key”
Restart apache:
/etc/rc.d/rc.httpd restart
Last but not least, don’t forget to check the webserver directory on apache’s mod-ssl config:
Ubuntu:
pico /etc/apache2/sites-enabled/default-ssl
Slackware:
pico /etc/httpd/extra/httpd-ssl.conf