Ubuntu: How to Renew Apache’s default SSL Certificate CodeUnit 16 DEC 2010

A lot of the time, in order to quickly enable SSL for Apache in Ubuntu, servers make use of a self-signed certificates. These are pretty useful, though they do have a tendency to expire on you when you least expect it.

To renew this ‘snake oil’ certificate as Apache dubs it is actually quite simple.

First, make some backups of the existing certificate and key just in case something goes wrong:

sudo cp /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/private/ssl-cert-snakeoil.key-backup

sudo cp /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/ssl-cert-snakeoil.pem-backup

Next, generate the new key (I’m making it valid for 5 years here – a bit excessive, I know):

openssl genrsa -out server.key 1024

openssl req -new -x509 -key server.key -out server.pem -days 1826

Fill out responses for all the questions asked and once done and generated, move these files back into their expected locations:

sudo mv server.key /etc/ssl/private/ssl-cert-snakeoil.key
sudo mv server.pem /etc/ssl/certs/ssl-cert-snakeoil.pem

At this point you might want to restart the Apache service as well, which can be done like so:

sudo /etc/init.d/apache2 restart

And you’re done! Nifty.

Related Posts:

About Craig Lotter

South African software architect and developer at Touchwork. Husband to a cupcake baker and father to two little girls. I don't have time for myself any more.

  • Web Hosting

    I have read this site it has too good information. I collected much information I need.
    In our modern society, for every person in business or with a career in most industries today, it is imperative to have a place in cyberspace, not just to be competitive but to survive. Web hosting companies were born out of this great need to provide an environment for the masses to own a piece of cyberspace, to offer an environment where people could have their piece of cyberspace on the internet 24/7 without the great cost. web hosting companies developed a model where they could split up areas on the servers connected to the backbone and ?rent? this space, cutting the costs across many people sharing the server and backbone connection to the internet.

    To obtain space in a web hosting environment you become a member and agree to terms and conditions of renting the space ? just as if you were to rent a house or commercial premises for your business. Once you agree and become a member, you are given an access code, a key, to your piece of cyberspace. This key, in the form of a login and password, allows you to connect to the web hosting server and up-load (transfer to) your web site so it can be accessed on the internet. Your login and password is also used to connect to a mail server to create and administer mailboxes to send and receive email for you, your staff, or family members.