Generating a valid self-signed certificate for Apache and Chrome
Certificate installation
After generating our valid self-signed certificate, it’s time to install and configure it under Apache.
For testing purposes, I will show the procedure using XAMPP for Windows, but it’s of course valid for all Apache 2.4 instances.
So, assuming that your Apache folder is located under c:\xampp\apache, let’s copy nullalo.local.key file in c:\xampp\apache\conf\ssl.key\ folder and nullalo.local.crt in c:\xampp\apache\conf\ssl.crt\.
Next, open Apache configuration file for your domain (in XAMPP, either c:\xampp\apache\conf\extra\httpd-ssl.conf for localhost or c:\xampp\apache\conf\extra\httpd-vhosts.conf for virtual hosts) and add the following three lines (SSLEngine, SSLCertificateFile and SSLCertificateKeyFile):
<VirtualHost nullalo.local:443> ... SSLEngine on SSLCertificateFile "conf/ssl.crt/nullalo.local.crt" SSLCertificateKeyFile "conf/ssl.key/nullalo.local.key" </VirtualHost>
Now, simply restart Apache and try to open https://nullalo.local in Google Chrome (and any other browser you use): you should see the long-awaited green lock in the navigation bar!
One last note: if you use any antivirus/firewall software, it will still throw you warning for your self-signed certificate, but in this case you can tell the software to always allow that certificate, it won’t be asked anymore.
Finally, if you still got error from Chrome, you can install the generated certificate on your machine, between the trusted ones, as already explained here.
4 Comments
Thanks a ton!!
This tutorial worked for me perfectly.
Davvero interessante 🙂 Grazie
Hi,
I install SELF-SIGNED CERTIFICATE on my site http://www.nspiel.de/ , and check on ssllabs.com it said: NOT TRUSTED.
What can I do now?
This procedure is for LOCAL certificates. For an online website, you have to use Let’s Encrypt or something similar, but in the meanwhile I see you already solved your issue 🙂