Install HTTPS on Localhost in Ubuntu

To install HTTPS on localhost in Ubuntu, you can set up a self-signed SSL certificate using OpenSSL and configure your local web server (like Apache or Nginx) to use it. Here are the steps:

Step 1) Install OpenSSL

• sudo apt update
• sudo apt install openssl

Step 2) Create a Self-Signed SSL Certificate

• sudo mkdir -p /etc/ssl/localcerts
• sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/localcerts/localhost.key -out /etc/ssl/localcerts/localhost.crt

You'll be prompted to enter information for the certificate. You can use placeholder values, but ensure `Common Name (CN)` is set to `localhost`.

 

Step 3) Configure the Web Server

 For Apache:

a) Enable SSL and headers modules:

• sudo a2enmod ssl
• sudo a2enmod headers

b) Edit your Apache Virtualhost file.

• sudo nano /etc/apache2/sites-available/default-ssl.conf
  
  

Add the following:

<VirtualHost *:443> ServerName localhost DocumentRoot /var/www/html SSLEngine on SSLCertificateFile /etc/ssl/localcerts/localhost.crt SSLCertificateKeyFile /etc/ssl/localcerts/localhost.key <Directory /var/www/html> AllowOverride All </Directory> </VirtualHost>

c) Enable the SSL site and restart Apache:

• sudo a2ensite default-ssl
• sudo systemctl reload apache2

For Nginx:

a) Edit the Nginx Virtualhost file.

• sudo nano /etc/nginx/sites-available/default
  
  

Add the following:

server { listen 443 ssl; server_name localhost; ssl_certificate /etc/ssl/localcerts/localhost.crt; ssl_certificate_key /etc/ssl/localcerts/localhost.key; root /var/www/html; index index.html index.htm; location / { try_files $uri $uri/ =404; } } server { listen 80; server_name localhost; return 301 https://$server_name$request_uri; }

b) Test and restart Nginx:

• sudo nginx -t
• sudo systemctl reload nginx

Step 4) Access HTTPS (Open your browser and navigate to)

• https://localhost

Since this is a self-signed certificate, your browser will warn you about the certificate not being trusted. You can proceed by accepting the warning. Optional: Add Certificate to Trusted Authorities
To avoid browser warnings, you can add the certificate to your local system's trusted certificate store. Let me know if you want guidance on this step.

1. Export the Certificate

Ensure you have the .crt file you generated earlier. For this guide, we'll assume it is located at /etc/ssl/localcerts/localhost.crt.

2. Add Certificate to Trusted Store

For Ubuntu/Linux:

a) Copy the certificate to the trusted store

• sudo cp /etc/ssl/localcerts/localhost.crt /usr/local/share/ca-certificates/localhost.crt
  
  

b) Update the certificate store:

• sudo update-ca-certificates
  
  

c) Restart the web browser:

Close and reopen your browser for changes to take effect.