How To Create a Self-Signed SSL Certificate for Apache in Ubuntu Virtual Cloud Server

How To Create a Self-Signed SSL Certificate for Apache in Ubuntu Virtual Cloud Server

In this blog we will generate self signed SSL certificate for one demo website in Ubuntu server.

Virtual Cloud Server Details

Just now i have deployed a new server in Vultr cloud server. My server details are:

Location: New Jersey
OS: Ubuntu 20.04 x64
IP Address: 8.9.30.155 
Username: root
Password: •••••••

If you are new to Vultr cloud server, you can see following link and deploy a new server.

Deploy a New Virtual Server in Vultr and How to Use SSH to Connect to Remote Server

Install Apache Web Server and Enable Required Module in Ubuntu Server

sudo apt-get update sudo apt-get install apache2

You can find detail blog on how to install apache2 webserver in ubuntu virtual server.

Install Apache2 Web Server in Ubuntu Virtual Server

Open firewall for http and https

sudo ufw allow "Apache Full"

Enable mod_ssl module

mod_ssl is already installed by default in Ubuntu. We just need to enable with the following command.

sudo a2enmod ssl

Need to restart apache2 service.

systemctl restart apache2.service

Check in browser

You should get the Apache default page like showing below:

Install OpenSSL

OpenSSL is a library that provides cryptographic functionality to applications such as secure web servers. Before installtion let us check OpenSSL is installed on a Ubuntu server or not.

openssl version

It is already installed in Ubuntu server, so no need to install.

Create SSL certificate for sample website

I want to generate SSL for sample site xvdemo.com. So keeping name apache-xvdemo-selfsigned for .key and .crt file. You can select name according to your choice.

Run the following command, to create .key and .crt files:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-xvdemo-selfsigned.key -out /etc/ssl/certs/apache-xvdemo-selfsigned.crt

This command generates a new private key (-newkey) using the RSA algorithm with a 2048-bit key length (rsa:2048) without using a passphrase (-nodes) and then creates the key file with a name of apache-xvdemo-selfsigned.key (-keyout apache-xvdemo-selfsigned.key). Also that generates the CSR with a filename of apache-xvdemo-selfsigned.csr (-out apache-xvdemo-selfsigned.csr).

req -x509 parameter specifies that we want to use X.509 certificate signing request (CSR) management. An X.509 certificate is a digital certificate, which defines the format of public key infrastructure (PKI) certificates. They are used to manage identity and security in internet communications and computer networking.

-days 365 option to sets the length of time that the certificate will be considered valid.

It will ask you to enter

Country Name: you have to enter country code, where your company is legally located
State: enter state name, where your company is legally located
Locatity Name: enter locality name, where your company is legally located
Organization Name: you can enter your organization/company name
Organization Unit Name: you have to enter your sub-organization name
Common Name: You have to enter hostname or domain name which will be use to access the server by or public IP of the server.
Email Address: you have to enter your email address.

Now successfully created .key and .crt file. If you want to see you can go to following directory and see.

View .key file

cd /etc/ssl/private

ls -lt apache-xvdemo-selfsigned.key

View .crt file

cd /etc/ssl/certs/

ls -lt apache-xvdemo-selfsigned.crt

Create sample demo website

Create directory for sample website

cd /var/www/

mkdir xvdemo.com

cd xvdemo.com

Create index.html file inside /var/www/xvdemo.com and write following code in that:

touch index.html

vi index.html

vi index.html command will open index.html file in vi editor, press i to insert in vi editor. Then paste following line of code.

XVdemo Home

This is sample demo website

To show how to create self signed certificate for your sample demo website

Save and exit vi editor, press Esc key then :wq and press enter.

Create Virtual Host for xvdemo.com

Go to the following directory and create apache configuration file

I am keeping name xvdemo, you can keep according to your choice.

cd /etc/apache2/sites-available

vi xvdemo.conf

Add following line of code in xvdemo.conf

Make sure server name matches the Common Name which we have written when were creating the certificate. Also write the correct SSLCertificateFile and SSLCertificateKeyFile.

<VirtualHost *:80>

ServerAdmin webmaster@www.xvdemo.com

DocumentRoot /var/www/xvdemo.com

ServerName www.xvdemo.com

<Directory /var/www/xvdemo.com>

    Options Indexes FollowSymLinks

    AllowOverride All

    Order allow,deny

    Allow from all

</Directory>

</VirtualHost>

<VirtualHost *:443>

ServerName www.xvdemo.com

DocumentRoot /var/www/xvdemo.com

<Directory /var/www/xvdemo.com>

    AllowOverride All

    Require all granted

    Allow from All

</Directory>

SSLEngine on

SSLCertificateFile /etc/ssl/certs/apache-xvdemo-selfsigned.crt

SSLCertificateKeyFile /etc/ssl/private/apache-xvdemo-selfsigned.key

</VirtualHost>

Save and exit the vi editor.

Enable the apache configuration file

cd .. sudo a2ensite xvdemo.conf

cd sites-enabled ll

Restart apeche

systemctl reload apache2

Make hosts entry in your local system

Open command prompt as administrator. Then go to following directory and open hosts file.

cd drivers/etc

notepad hosts

Add below line in hosts file.

YOUR-SERVER-IP YOUR-SERVER-NAME

8.9.30.155 www.xvdemo.com

Save and close the file.

Check server name in browser

You will get screen like below.

You have click on "Advanced" -> Click on "Accept the Risk and Continue".

After that you can see the sample demo website.

That's it.

In [ ]:
 

Machine Learning

  1. Deal Banking Marketing Campaign Dataset With Machine Learning

TensorFlow

  1. Difference Between Scalar, Vector, Matrix and Tensor
  2. TensorFlow Deep Learning Model With IRIS Dataset
  3. Sequence to Sequence Learning With Neural Networks To Perform Number Addition
  4. Image Classification Model MobileNet V2 from TensorFlow Hub
  5. Step by Step Intent Recognition With BERT
  6. Sentiment Analysis for Hotel Reviews With NLTK and Keras
  7. Simple Sequence Prediction With LSTM
  8. Image Classification With ResNet50 Model
  9. Predict Amazon Inc Stock Price with Machine Learning
  10. Predict Diabetes With Machine Learning Algorithms
  11. TensorFlow Build Custom Convolutional Neural Network With MNIST Dataset
  12. Deal Banking Marketing Campaign Dataset With Machine Learning

PySpark

  1. How to Parallelize and Distribute Collection in PySpark
  2. Role of StringIndexer and Pipelines in PySpark ML Feature - Part 1
  3. Role of OneHotEncoder and Pipelines in PySpark ML Feature - Part 2
  4. Feature Transformer VectorAssembler in PySpark ML Feature - Part 3
  5. Logistic Regression in PySpark (ML Feature) with Breast Cancer Data Set

PyTorch

  1. Build the Neural Network with PyTorch
  2. Image Classification with PyTorch
  3. Twitter Sentiment Classification In PyTorch
  4. Training an Image Classifier in Pytorch

Natural Language Processing

  1. Spelling Correction Of The Text Data In Natural Language Processing
  2. Handling Text For Machine Learning
  3. Extracting Text From PDF File in Python Using PyPDF2
  4. How to Collect Data Using Twitter API V2 For Natural Language Processing
  5. Converting Text to Features in Natural Language Processing
  6. Extract A Noun Phrase For A Sentence In Natural Language Processing