Skip to main content

Add SSL to your website – HTTPS made easy let your visitors/users safely access your services, you better add a SSL certificate to your server to allow them browse your websites using HTTPS protocol.

What is TLS/SSL?

“Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols which are designed to provide communication security over the Internet.

They use X.509 certificates and hence asymmetric cryptography to assure the counterparty with whom they are communicating, and to exchange a symmetric key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product, message authentication.” (Wikipedia)

So basically it ensures the data transiting from the user to the server is encrypted.

You can either use your own certificate or buy from 3rd party such as StartSSL.

If you use your own certificate, the web browser will not recognize it as a safe website and will display a warning message before to be able to access it. If you want to avoid scaring your visitors, you will need to buy a certificate from a trusted vendor (Meaning accepted by 99.x% of the web browsers as safe certificate).

But as I trust myself, I do not need to buy a certificate and I will just generate one by myself to secure further my server.


You can generate your own self-signed certificate by running the following command:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/myblog.key -out /etc/ssl/certs/myblog.pem

This will create a pairs of key and certificates based on RSA encryption 2048 bit.

You will need to enter some info such as:

Once done, you need to adjust your Virtualhost to add a SSL section.

and add at the end after the </VirtualHost>, a new section dedicated to HTTPS (Port 443).

To be faster, I suggest to use the same configuration than your Virtualhost on HTTP, like:

Finally, enable SSL mode:

and restart apache
You should now have a HTTPS connection working !