Creating a Self-Signed Certificate (Linux Apache)
Under Construction
Linux Apache
- Create a self-signed certificate using openssl
- Update the site configuration file with the location of the certificate files
- Import the certificate into Chrome
Create Certificate
Use the openssl req command to create a self-signed certificate:
Issue the command, e.g. for my site 'ubuntu20.lianja.local':
$ sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \ -addext "subjectAltName = DNS:ubuntu20.lianja.local" \ -out devtest.crt -keyout devtest.key
Then enter the information at the prompts.
Note: the '-addext "subjectAltName = DNS:<valid name>"' must be included to allow the certificate to be subsequently imported into Chrome.
See here for full details of the openssl req command.
Once the files have been created - here 'devtest.crt' and 'devtest.key' - copy them to an appropriate directory, e.g.
$ sudo mkdir /etc/apache2/ssl $ sudo cp devtest.* /etc/apache2/ssl
Site Configuration File
Once the certificate has been created and the files are in your desired location, create / edit your site conf file and add in the SSLCertificateFile and SSLCertificateKeyFile entries to point to the files.
Ubuntu
VirtualHost *:443> ServerAdmin webmaster@localhost ServerName lianja.local ServerAlias 192.168.80.136 DocumentRoot /opt/lianja/cloudserver/tenants/public/wwwroot/ ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined SSLEngine on SSLCertificateFile /etc/apache2/ssl/devtest.crt SSLCertificateKeyFile /etc/apache2/ssl/devtest.key <Directory /opt/lianja/cloudserver/tenants/public/wwwroot/> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory> <Location "/"> Redirect permanent "/index.html" "/login.rsp" </Location> </VirtualHost>
Note: the above virtual site configuration includes entries for the Directory to point to the Lianja wwwroot directory and a Redirect to load the Lianja login page if no page or the default index.html page is requested. See Apache Module for Linux for information on installing and configuring the module.
Chrome
...
You will now be able to access your https site from Chrome:
Note: here the index page has been redirected to the Lianja login page. See the conf file above.