Use the openssl command to create a self-signed SSL certificate and private key. Run the following command, replacing yourdomain.com with your server's domain or IP address:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache.key -out /etc/ssl/certs/apache.crt -subj "/C=SE/ST=State/L=City/O=Organization/CN=hogkvist.asuscomm.com"
This generates a certificate valid for 365 days and stores the key and certificate in standard Apache SSL directories.
Enable the SSL module and update the SSL virtual host configuration:
sudo a2enmod ssl sudo nano /etc/apache2/sites-available/default-ssl.conf
Inside the <VirtualHost *:443> block, ensure these directives point to your files:
SSLCertificateFile /etc/ssl/certs/apache.crt SSLCertificateKeyFile /etc/ssl/private/apache.key
Save and exit, then restart Apache:
sudo systemctl restart apache2
Test and Handle Browser Warnings
Access your site via https://hogkvist.asuscomm.com. You will see a security warning because the certificate is self-signed. This is normal. Manually accept the certificate in your browser to proceed. The connection is encrypted, but identity verification is not trusted by default.