Adding SSL to your Apache Server

SSL / HTTPS has become a hard requirement nowadays. The following article is helpful to people who use Apache as a webserver.

Commands to run for Apache, in Ubuntu 16.04:

  • sudo apt-get update
  • sudo apt-get install software-properties-common
  • sudo add-apt-repository ppa:certbot/certbot
  • sudo apt-get update
  • sudo apt-get install python-certbot-apache
  • sudo certbot --authenticator standalone --installer apache --pre-hook "apachectl -k stop" --post-hook "apachectl -k start"
  • sudo certbot renew --dry-run

At some point you will be asked if you want HTTP to redirect to HTTPS. If yes, then the apache configuration file will be modified with something similar to this:

RewriteCond %{SERVER_NAME}
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]Code language: JavaScript (javascript)

Apart from your existing configuration files, special files will be created for the ssl configuration.

Also, remember to open the 443 port, if needed: sudo ufw allow 443/tcp