SSl on local domian

SSl on local domian

To generate a new SSL certificate with the correct details, follow these steps:

  1. Make sure you have OpenSSL installed on your Ubuntu server. If not, you can install it with the following command:

     sudo apt-get install openssl
  2. Generate a private key: Run the following command to generate a private key file:

     sudo openssl genpkey -algorithm RSA -out /etc/ssl/private/website1.local.key -pkeyopt rsa_keygen_bits:2048
  3. Generate a certificate signing request (CSR): Use the private key to generate a CSR by running the following command:

     sudo openssl req -new -key /etc/ssl/private/website1.local.key -out /etc/ssl/certs/website1.local.csr

    During the CSR generation process, you will be prompted to provide information such as your organization details and the Common Name (CN). Make sure to enter the following information:

    • Common Name (CN): website1.local

    • Organization (O): Your organization name (optional)

    • Organizational Unit (OU): Your organizational unit (optional)

  4. Generate a self-signed SSL certificate: Run the following command to generate a self-signed SSL certificate using the CSR:

     sudo openssl x509 -req -days 365 -in /etc/ssl/certs/website1.local.csr -signkey /etc/ssl/private/website1.local.key -out /etc/ssl/certs/website1.local.crt
  5. Verify the generated certificate: You can verify the details of the newly generated certificate by running the following command:

     sudo openssl x509 -in /etc/ssl/certs/website1.local.crt -noout -text

    Check that the Common Name (CN) is set to "website1.local" and that the other details are correct.

Once you have generated the new SSL certificate, you can proceed with configuring your web server (such as Nginx) to use the new certificate. Remember to restart the web server for the changes to take effect.

Note: When accessing the website, make sure the domain name "website1.local" resolves to the correct IP address in your local DNS or hosts file.