How to create a SSL certificate for FREE and make your website HTTPS!!
1. Obtain an SSL Certificate:
You can obtain an SSL certificate from a certificate authority (CA) or use a free certificate from Let’s Encrypt. Here are steps for both:
Option 1: Commercial Certificate
Purchase an SSL certificate from a certificate authority. They will provide you with the necessary files, typically including a certificate file (your_domain.crt), a private key file (your_domain.key), and a CA certificate file (ca_bundle.crt or similar).
Option 2: Let’s Encrypt (Free)
If you prefer a free certificate, you can use Let’s Encrypt. Install the certbot tool and request a certificate:
#bash
sudo apt-get update sudo apt-get install certbot sudo certbot certonly --webroot -w /var/www/html -d your_domain.com2. Configure Apache for SSL:
Once you have the certificate files, configure Apache to use SSL:
Enable SSL Module:
#bash
sudo a2enmod sslRef a2enmod: click here
Create a Virtual Host Configuration:
Create or edit the Apache virtual host configuration file to include SSL settings. Open the Apache configuration file for editing:
#bash
sudo nano /etc/apache2/sites-available/your_domain.conf
OR
sudo nano /etc/apache2/sites-available/000-default.confIf you’re using the default Apache configuration, you might find the virtual host configuration in the 000-default.conf file. In this case, you can modify the 000-default.conf file to include the SSL configuration.
Add the following lines to create an SSL-enabled virtual host:
<VirtualHost *:80>
# ... (existing configuration for port 80)
</VirtualHost>
<VirtualHost *:443>
ServerName your_domain.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /path/to/fullchain.pem
SSLCertificateKeyFile /path/to/privkey.pem
# Additional SSL settings...
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>Replace your_domain.com with your actual domain. Update the paths to your certificate files accordingly.
Save the File and Exit:
Press Ctrl + X, press Y to confirm changes, and press Enter.
Enable the New Configuration:
#bash
sudo a2ensite your_domain.conf
OR
sudo a2ensite 000-default.confRestart Apache:
#bash
sudo systemctl restart apache23. Test SSL Configuration:
Visit your website with https://your_domain.com to ensure that SSL is working correctly. Clear the cache, or open in a new browser to cross-verify. Verify that your browser shows the padlock icon, indicating a secure connection.
That’s it! Your domain should now be available and accessible over HTTP secure connection with a valid SSL certificate. You can renew your Let’s Encrypt certificate before it expires to maintain a secure connection. We can also set up a cron job to automatically renew the certificate.
