Table of Contents
What is an SSL Certificate?
SSL stands for Secure Sockets Layer and, in short, it's the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details.
The two systems can be a server and a client (for example, a shopping website and browser) or server to server (for example, an application with personally identifiable information or with payroll information).
TLS/SSL works by using a combination of a public certificate and a private key. The SSL key is kept secret on the server. It is used to encrypt content sent to clients. The SSL certificate is publicly shared with anyone requesting the content. It can be used to decrypt the content signed by the associated SSL key.
In this article, we will show you how to create a self-signed key and certificate on your server and local.
Get the certificate and key files
Real domain
After purchasing the certificate, you will be able to download all the necessary files. Here is an example with GoDaddy:
Virtualhost
To create a self-signed key and certificate in local, first you need to install certutil and mkcert:
Install Certutil
To install mkcert on any Ubuntu or Debian system, first, install Certutil dependencies:
$ apt install libnss3-tools -y
Installing Mkcert
Mkcert is a simple tool for making locally-trusted development certificates. It requires no configuration.
$ wget https://github.com/FiloSottile/mkcert/releases/download/v1.1.2/mkcert-v1.1.2-linux-amd64 $ mv mkcert-v1.1.2-linux-amd64 mkcert $ chmod +x mkcert $ cp mkcert /usr/local/bin/
Now that the mkcert is installed, we run the command below to create your local CA.
$ mkcert -install Created a new local CA at "/home/magenest/.local/share/mkcert" ? The local CA is now installed in the system trust store! The local CA is now installed in the Firefox and/or Chrome/Chromium trust store (requires browser restart)! ?
To check the path local CA, we run the command:
$ mkcert -CAROOT /home/magenest/.local/share/mkcert
Generate Local SSL Certificates
$ sudo mkcert magenest.local.com '*.local.com' localhost 127.0.0.1 ::1 Using the local CA at "/home/magenest/.local/share/mkcert" Created a new certificate valid for the following names ? - "magenest.local.com" - "*.local.com" - "localhost" - "127.0.0.1" - "::1" The certificate is at "./magenest.local.com+4.pem" and the key at "./magenest.local.com+4-key.pem"
After run the above command self-signed key and certificate is placed in /home/magenest/.local/share/mkcert
Enable the Certificates for the Apache Web Server
To configure Apache to use these certificates, edit the default ssl configuration file, /etc/apache2/sites-enabled/magenest.conf and change the SSL certificate and key file to point to the locally generated cert and key file above. See the example below.
$ vim /etc/apache2/sites-enabled/magenest.conf
<VirtualHost *:443>
ServerName magenest.local.com
DocumentRoot /var/www/html/magenest/
SSLEngine on
SSLCertificateFile "/home/magenest/.local/share/mkcert/magenest.local.com+3.pem"
SSLCertificateKeyFile "/home/magenest/.local/share/mkcert/magenest.local.com+3-key.pem"
<Directory /var/www/html/magenest/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Reload and restart Apache to activate the new configuration
$ systemctl reload apache2 $ systemctl restart apache
Enable the Certificates for Nginx Web Server
$ vim /etc/nginx/sites-enabled/magenest.conf
upstream magenest {
server unix:/run/php/php7.4-fpm.sock;
}
server {
listen 443;
server_name magenest.local.com;
ssl on;
ssl_certificate /home/magenest/.local/share/mkcert/magenest.local.com+3.pem;
ssl_certificate_key /home/magenest/.local/share/mkcert/magenest.local.com+3-key.pem;
set $MAGE_ROOT /var/www/html/magenest;
include /var/www/html/magenest/nginx.conf.sample;
}
Verify that the configuration
$ nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Reload Nginx
$ sudo service nginx reload
After setup you proceed to https://magenest.local.com/. If successful, you will see the below image.
We at Magenest hope that you can find the answers for your questions in our blog today. If you still have something unclear, please drop a comment down in this blog.
Morph Mai
Marketing Executive | Content Manager
Weekly Trending
-
10 Best Mega Menu Examples in 2024
December 21 2023 -
Customer Value and Satisfaction: What's the Difference?
October 30 2020 -
10 Key Factors Affecting Customer Satisfaction in Ecommerce
October 27 2020
Recent Posts
-
11 Best Magento 2 Social Login Extensions Free and Paid 2024
January 27 2024 -
Payment Gateway Comparison - Top 5 Providers in 2024
January 21 2024 -
6+ Voice Search Statistics and Trends You Can't Miss in 2024
January 20 2024 -
2024 Hottest Trend: Voice Search Technology
January 16 2024 -
Salesforce - No.1 CRM Platform for Magento In 2024
January 14 2024
