====== HTTPS ======

===== Generate a Self-Signed Certificate =====

Use the openssl command to create a self-signed SSL certificate and private key. Run the following command, replacing yourdomain.com with your server's domain or IP address:
<code>
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache.key -out /etc/ssl/certs/apache.crt -subj "/C=SE/ST=State/L=City/O=Organization/CN=hogkvist.asuscomm.com"
</code>

This generates a certificate valid for 365 days and stores the key and certificate in standard Apache SSL directories. 

===== Configure Apache to Use the Certificate =====

Enable the SSL module and update the SSL virtual host configuration:

<code>
sudo a2enmod ssl
sudo nano /etc/apache2/sites-available/default-ssl.conf
</code>

Inside the <VirtualHost *:443> block, ensure these directives point to your files:

<code>
SSLCertificateFile /etc/ssl/certs/apache.crt
SSLCertificateKeyFile /etc/ssl/private/apache.key
</code>

Save and exit, then restart Apache:

<code>
sudo systemctl restart apache2
</code>

Test and Handle Browser Warnings
Access your site via ''https://hogkvist.asuscomm.com''. You will see a security warning because the certificate is self-signed. This is normal. Manually accept the certificate in your browser to proceed.  The connection is encrypted, but identity verification is not trusted by default.