What is SSL Certificate?
A SSL certificate is a way to encrypt a site’s information and create a more secure connection. Additionally, the certificate can show the virtual private server’s identification information to site visitors. Certificate Authorities can issue SSL certificates that verify the server’s details while a self-signed certificate has no 3rd party corroboration.
SSL is one of the important components of our secure Internet and it is a way of encrypting site’s information and create a more secured connections. It protects our sensitive information as it travels across the world.
Why using SSL Certificates?
Encrypting Sensitive Information:
One of the important reason for using ssl is to protect the sensitive information sent across the internet. Whenever an information is sent from one server to another server, ssl enables the information to be protected in such a way that it cannot be understood by anybody except the destination server.The information sent is encrypted. It helps us to secure the sensitive information from identity thieves and hackers. If it is not encrypted, it may be possible for anybody to see your creditcard numbers, Names and passwords.
Whenever ssl certificate is used by a website, you can be sure that the information is authenticated. SSL certificate will be issued to a verified company.
Gaining Customer’s Trust:
When using ssl certificate in your site, visitors have the ability to view a lock icon or a greeen bar. It will ensure the connection is secured. It really means that visitors will be trusting your website and more likely to a buy a products from your site. SSL Providers also will be giving you a trust seal which enables more customers to trust your site.
Setting Up Apache SSL Certificate on Ubuntu 12.04
The following steps in this tutorial would want you to have root privileges on your server. Also, you need to have apache already installed and running in your server.
If it is not done already, use the below command to do it.
sudo apt-get install apache2
Step 1 — Activating the SSL Module
Enable SSL on your server by using the below command.
sudo a2enmod ssl
Restarting Apache once it is enabled.
sudo service apache2 restart
Step 2 — Creating a New Directory
We may have to create a new directory where server key and certificate will be stored.
sudo mkdir /etc/apache2/ssl
Step 3 — Creating Self Signed SSL Certificate
While requesting a new certificate, we can specify the expiration days of the ssl certificate to remain valid. Here, we have given it as one year. You can change the way you want.
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
By using the above command, we will be having both self-signed SSL certificate and the server key that protects it. It will place both of them into the new directory(/etc/apache2/ssl).
This command will be prompting you to enter some details.
The most important line is “Common Name”. Enter your official domain name here or, if you don’t have one yet, your site’s IP address.
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:Tamil Nadu
Locality Name (eg, city) :CHENNAI
Organization Name (eg, company) [Internet Widgits Pty Ltd]:CloudyPoint
Organizational Unit Name (eg, section) :Linux Tutorials
Common Name (e.g. server FQDN or YOUR name) :cloudypoint.com
Email Address :firstname.lastname@example.org
Step 4 — Set Up the Certificate
Now we have all of the required components of the finished certificate.The next thing to do is to set up the virtual hosts to display the new certificate. Open up the SSL config file:
We have the necessary components for the ssl certificate. Next thing is to set up the virtual hosts for settting up the new certificate for your domain name. Let’s open the ssl config file using the below command:
Look for the section that begins with <VirtualHost _default_:443>, quickly make the following changes. Add a line with your server name right below the Server Admin email:
Replace cloudypoint.com with your DNS approved domain name or server IP address (it should be the same as the common name on the certificate). Search for the following three lines, and make sure that they match the extensions below:
Save and Exit out of the file.
Step 5 — Activating New Virtual Host
Now, we have to enable the ssl virtual host by using the following commands.
sudo a2ensite default-ssl
Everything is set now. Restarting your Apache server will reload it with all of your changes in place.
sudo service apache2 reload
In your browser, enter https://youraddress, and you will be able to see the new certificate.