Igor Simic
5 years ago

How to create free SSL certificate locally and online





Free online SSL certificate

Easiest way to get free SSL certificate is to use cloudflare service! Cloudflare is offering SSL certificate in free package on click on a button, but beside that it is offering a lot of useful features: CDN, preventing DDOS attacks, always online feature...

Another way is to go to web site https://letsencrypt.org/ and create free SSL certificate


Local SSL certificate

During development very often is needed to test site with support of #SSL. This certificate can be created locally on Mac OS El Capitan.

Here are the steps:

  • edit http.conf
  1. $ sudo nano /etc/apache2/httpd.conf
  • uncomment both the socache_shmcb_module, ssl_module, and also  include  httpd-ssl.conf by removing the leading # symbol on those lines:
  • LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so
    ...
    LoadModule ssl_module libexec/apache2/mod_ssl.so
    ...
    Include /private/etc/apache2/extra/httpd-ssl.conf
  • open vhosts
  • $ sudo nano /etc/apache2/extra/httpd-vhosts.conf
  • create a virtual host
  • <VirtualHost *:443>
        DocumentRoot "/Users/your_user/Sites"
        ServerName localhost
        SSLEngine on
        SSLCertificateFile "/private/etc/apache2/server.crt"
        SSLCertificateKeyFile "/private/etc/apache2/server.key"
    </VirtualHost>
  • generate a key:
  • $ cd /etc/apache2
    $ sudo ssh-keygen -f server.key
  • generate a certificate signing request:
  • $ sudo openssl req -new -key server.key -out server.csr
  • generate the certificate:
  • $ sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
  • convert the key to a no-phrase key:
  • $ sudo openssl rsa -in server.key -out server.key
  • check your Apache configuration syntax
  • $ sudo apachectl configtest
  • restart Apache
  • $ sudo apachectl -k restart

more detail explanation you can find here:
https://getgrav.org/blog/mac-os-x-apache-setup-ssl