Get your own certificate
2017-11-03: This is not needed if you are using any of our VMs as the Let’s Encrypt script handles the conf file generation.
You can get one on a TRIAL period of 3 months, and then extend for 4.95€ / year here.
Upload the certificate files to your server
Use Webmin to upload your files. Put the files in
/etc/ssl
You can find more info here.
Remember the location of the files as we will need that in the example_com.conf file later.
Become root in ubuntu
~:$ sudo -i
Activate SSL
~:$ a2enmod ssl
~:$ a2enmod headers
:~$ service apache2 restart
make a new conf file
~:$ nano /etc/apache2/sites-available/example_com.conf
Put this in the file you just made
<VirtualHost *:443> Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains" SSLEngine on ### YOUR SERVER ADDRESS ### ServerAdmin admin@example.com ServerName example.com ServerAlias subdomain.example.com ### SETTINGS ### DocumentRoot /var/www/path-to-your-website-folder <Directory /var/www/path-to-your-website-folder> Options Indexes FollowSymLinks AllowOverride All Require all granted Satisfy Any </Directory> Alias /owncloud "/var/www/path-to-your-website-folder/" <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /var/www/path-to-your-website-folder SetEnv HTTP_HOME /var/www/path-to-your-website-folder ### LOCATION OF CERT FILES ### SSLCertificateFile /etc/ssl/example.com/certificate.crt SSLCertificateKeyFile /etc/ssl/example.com/ssl_example_com_se.key SSLCACertificateFile /etc/ssl/example.com/certificate.ca.crt SSLCertificateChainFile /etc/crt/example_com.ca-bundle ### LOGS ### ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>
After you have made this you need to enter the domain into
~:$ nano /etc/hosts
It should look something like this:
127.0.0.1 localhost 127.0.1.1 www.techandme.se techandme.se 127.0.1.1 shop.techandme.se techandme.se # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters
Activate your new config
:~$ a2ensite example_com.conf
:~$ sudo service apache2 reload
Deactivate your default-ssl config
:~$ a2dissite default-ssl.conf
:~$ sudo service apache2 reload
That’s all!