You are currently viewing How To Create & Enable SSL Certificate On Localhost With Apache

How To Create & Enable SSL Certificate On Localhost With Apache

Ubuntu Tutorial 22.04.3 LTS

SSL (Secure Socket Layer) certificates are crucial for securing communication between web browsers and servers. Here’s a brief guide on how to create and enable an SSL certificate on localhost with Apache in Linux Ubuntu:

Certainly, let’s go through the process step by step:

Step 1:

Install mkcert (to create an SSL Certificate )

Open your terminal.

Run the following commands to download and install `mkcert`:

sudo apt update
sudo apt install libnss3-tools

These commands ensure that you have the required tools for `mkcert` to work.

Next, download the `mkcert` binary:


Note: Make sure to check the `mkcert` releases page for the latest version and update the URL accordingly.

Rename the downloaded binary to `mkcert` and move it to a directory in your system’s PATH:

mv mkcert-v1.4.3-linux-amd64 mkcert
chmod +x mkcert
sudo mv mkcert /usr/local/bin/

Note: Adjust the version number in the commands based on the version you downloaded.

Step 2:

Generate Local SSL Certificates

Navigate to your project directory in the terminal.

Run the following commands to generate SSL certificates:

mkcert -install
mkcert -key-file key.pem -cert-file cert.pem "*"

Note: These commands install the local CA and generate SSL certificates for your specified domain.

This will create two files in your project directory: cert.pem and key.pem.

Step 3:

Update Configuration

Open your project’s .env file.

Update the APP_URL to use HTTPS:


Step 4:

Configure Virtual Host 

If you haven’t already, configure your Apache or Nginx virtual host to listen on port 443.

For example, in Apache, you might have a virtual host configuration like this:

<VirtualHost *:443>
    ServerName social-pub.local
    DocumentRoot /path/to/your/Projectpath/public
    SSLEngine on
    SSLCertificateFile /path/to/your/Projectpath/cert.pem
    SSLCertificateKeyFile /path/to/your/Projectpath/key.pem


NOTE: Make sure to replace /path/to/your/YourProject with the path to your project.

Restart your web server for the changes to take effect.

sudo service apache2 restart


If You see Any Error Then Check It

sudo apachectl configtest

In My Case, I Face This Error 

AH00526: Syntax error on line 35 of /etc/apache2/sites-enabled/social-pub.local.conf:

Invalid command ‘SSLEngine’, perhaps misspelled or defined by a module not included in the server configuration

Action ‘configtest’ failed.

The Apache error log may have more information.

Let’s Fix It:

It would be best if you made sure that the `SSL` module is enabled. You can do this by running:

sudo a2enmod ssl

This command will enable the SSL module. After enabling the module, you should restart Apache:

sudo service apache2 restart

Second Issue In My Case:

AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using Set the ‘ServerName’ directive globally to suppress this message

Syntax OK

To resolve this, you can add a ServerName directive to your Apache configuration. Open the main Apache configuration file for editing:

sudo nano /etc/apache2/apache2.conf

Add the following line at the end of the file:

ServerName localhost

Save the file and exit the text editor.

After making this change, restart Apache:

sudo service apache2 restart

This should eliminate the warning. The ServerName directive is used to set the hostname and port that the server uses to identify itself. Setting it to localhost is a common practice for development environments.

After restarting Apache, you can re-run the configtest to ensure that there are no other syntax errors:

sudo apachectl configtest

If the output is `Syntax OK`, your Apache configuration should be in good shape. If you encounter any issues or have further questions, feel free to ask

Now, you should be able to restart Apache without any issues:

sudo service apache2 restart

If the restart is successful, your Apache server should be running with the updated SSL configuration, and your project should be accessible over HTTPS.

Leave a Reply