Use the openssl command to create a self-signed SSL certificate and private key. Run the following command, replacing yourdomain.com with your server's domain or IP address:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache.key -out /etc/ssl/certs/apache.crt -subj "/C=SE/ST=State/L=City/O=Organization/CN=hogkvist.asuscomm.com"

This generates a certificate valid for 365 days and stores the key and certificate in standard Apache SSL directories.

Enable the SSL module and update the SSL virtual host configuration:

sudo a2enmod ssl
sudo nano /etc/apache2/sites-available/default-ssl.conf

Inside the <VirtualHost *:443> block, ensure these directives point to your files:

SSLCertificateFile /etc/ssl/certs/apache.crt
SSLCertificateKeyFile /etc/ssl/private/apache.key

Save and exit, then restart Apache:

sudo systemctl restart apache2

Test and Handle Browser Warnings Access your site via https://hogkvist.asuscomm.com. You will see a security warning because the certificate is self-signed. This is normal. Manually accept the certificate in your browser to proceed. The connection is encrypted, but identity verification is not trusted by default.