How To Create & Enable SSL Certificate On Localhost With Apache

Ubuntu Tutorial 22.04.3 LTS

SSL (Secure Socket Layer) certificates are crucial for securing communication between web browsers and servers. Here’s a brief guide on how to create and enable an SSL certificate on localhost with Apache in Linux Ubuntu:

Certainly, let’s go through the process step by step:

Step 1:

Install mkcert (to create an SSL Certificate )

Open your terminal.

Run the following commands to download and install `mkcert`:

sudo apt update

sudo apt install libnss3-tools

These commands ensure that you have the required tools for `mkcert` to work.

Next, download the `mkcert` binary:

wget https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64

Note: Make sure to check the `mkcert` releases page for the latest version and update the URL accordingly.

Rename the downloaded binary to `mkcert` and move it to a directory in your system’s PATH:

mv mkcert-v1.4.3-linux-amd64 mkcert

chmod +x mkcert

sudo mv mkcert /usr/local/bin/

Note: Adjust the version number in the commands based on the version you downloaded.

Step 2:

Generate Local SSL Certificates

Navigate to your project directory in the terminal.

Run the following commands to generate SSL certificates:

mkcert -install

mkcert -key-file key.pem -cert-file cert.pem AddYourDomainName"*.AddYourDomainName"

Note: These commands install the local CA and generate SSL certificates for your specified domain.

This will create two files in your project directory: cert.pem and key.pem.

Step 3:

Update Configuration

Open your project’s .env file.

Update the APP_URL to use HTTPS:

APP_URL=https://YourDomainName

Step 4:

Configure Virtual Host 

If you haven’t already, configure your Apache or Nginx virtual host to listen on port 443.

For example, in Apache, you might have a virtual host configuration like this:

<VirtualHost *:443>
    ServerName social-pub.local
    DocumentRoot /path/to/your/Projectpath/public
    SSLEngine on
    SSLCertificateFile /path/to/your/Projectpath/cert.pem
    SSLCertificateKeyFile /path/to/your/Projectpath/key.pem
</VirtualHost>

   

NOTE: Make sure to replace /path/to/your/YourProject with the path to your project.

Restart your web server for the changes to take effect.

sudo service apache2 restart

Errors:-

If You see Any Error Then Check It

sudo apachectl configtest

In My Case, I Face This Error 

The Apache error log may have more information.

Let’s Fix It:

It would be best if you made sure that the `SSL` module is enabled. You can do this by running:

sudo a2enmod ssl

This command will enable the SSL module. After enabling the module, you should restart Apache:

sudo service apache2 restart

Second Issue In My Case:

To resolve this, you can add a ServerName directive to your Apache configuration. Open the main Apache configuration file for editing:

sudo nano /etc/apache2/apache2.conf

Add the following line at the end of the file:

ServerName localhost

Save the file and exit the text editor.

After making this change, restart Apache:

sudo service apache2 restart

This should eliminate the warning. The ServerName directive is used to set the hostname and port that the server uses to identify itself. Setting it to localhost is a common practice for development environments.

After restarting Apache, you can re-run the configtest to ensure that there are no other syntax errors:

sudo apachectl configtest

If the output is `Syntax OK`, your Apache configuration should be in good shape. If you encounter any issues or have further questions, feel free to ask

Now, you should be able to restart Apache without any issues:

sudo service apache2 restart

If the restart is successful, your Apache server should be running with the updated SSL configuration, and your project should be accessible over HTTPS.