Install self-signed certificate
mod_ssl; which is an
Apache module that provides support for
yum install mod_ssl
2. Create a directory to store the certificates and the keys
(I will be creating
/etc since config-files are usually stored it this directory.
3. Make sure that only
root user has access to the directory.
chmod 700 /etc/ssl/private
4. Generate the
SSL keys and certificates using the following command:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt
req -x509: specifies we want to use X.509 certificate signing request.
opensslto skip the option to secure the certificate with a passphrase since we need Apache to be able to read the file without user intervention.
-days 365: Sets the length of time the certificate will be considered valid.
-newkey rsa:2048: specifies generate a new certificate and new key at the same time and the key is RSA Key and 2048 bits long.
opensslwhere to place the generated private key file we are creating.
opensslwhere to place the certificate we are creating.
5. Edit the
SSL configuration file (mine will be):
6. Run the following command for syntax errors:
SSL through Firewall:
firewall-cmd –permanent –add-service=https
Listen 443 to the default
9. Restatrt apache.
systemctl restart httpd
9. Test your website in browser using