Once you have your server running with a self-signed certificate you might find it useful to have a “real” certificate that does not warn users.
Many of the CA’s provide test certificates that are generally valid for 30-60 days, I’ve recently discovered StartSSL, that generates free certificates that are valid for a full year.
- Generating keys and certificates….
NOTE: this process is rather involved and is documented better elsewhere, here’s what I needed to remember to get the keys and certificates.
- save ssl.key (private)
- save ssl.crt (pem encoded)
- get file from control panel:
- Make sure that you move all three files to the /etc/apache2/ssl/ folder on the server.
- Edit the config file…
sudo vi /etc/apache2/sites-available/default-ssl.conf
Modify the values related to the keys and certs…
- Reload the config and restart…
sudo service apache2 reload
sudo service apache2 restart
Test it out…