Enable SSL. Command for Debian-based systems:
sudo a2enmod ssl
Add a new section for port 80 at the top of the main config file, dealing with redirect:
NameVirtualHost *:80 <VirtualHost *:80> ServerName localhost Redirect permanent / https://localhost </VirtualHost>
Change the old <VirtualHost *:80> directive to <VirtualHost *:443>
Add the following lines to the <VirtualHost *:443> section:
SSLEngine On SSLCertificateFile /etc/apache2/cert/vhost_1.crt SSLCertificateKeyFile /etc/apache2/cert/key/vhost_1.key <Location /> SSLRequireSSL On SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +StrictRequire </Location>
Create the SSL keys:
cd /etc/apache2 mkdir -p cert/key openssl req -new -x509 -days 365 -keyout cert/key/vhost_1.key -out crt/vhost_1.crt -nodes -subj /O=test/OU=test/CN=www.example.com’