What is a certificate in Ubuntu

SSL certificates are needed to ensure security in various areas. The most popular of these is browsing sites using the HTTPS protocol. There are not many trusted root certificates of organizations that sign the rest of the certificates for all sites. These trusted certificates are stored on each PC or smartphone. Based on this, the browser understands that a particular site can be trusted.

But if you decide to create your own root certificate and sign a certificate for your site with it, you will see a message in your browser that the connection is not secure because you are using a certificate that is not on the trusted list. Other programs will work the same way. But you can add your certificate to the trusted list on your system. In this article, we will look at how to install a certificate in Ubuntu.

What is necessary?

How to make a certificate trusted in Ubuntu? You can create your CA using EasyRSA, create and sign an SSL certificate. Then use this certificate for the localhost domain in Apache.

This way you will have three files:

1. ca.crt - the root CA certificate;
2. localhost.crt - the site certificate signed by the CA;
3. localhost.key - the key of the site certificate.

Activate the Apache virtual host file for the default site using this command:

sudo a2ensite default-ssl

Next, open this file and find the following lines:SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

For the SSLCertificateFile parameter you must pass the path to the site certificate, for example, localhost.crt, and for SSLCertificateKeyFile you must pass the key of the site certificate. For example, localhost.key. If the certificates are in the /etc/apache/ssl folder, the configuration will look like this:

SSLCertificateFile /etc/apache/ssl/localhost.crt SSLCertificateKeyFile /etc/apache/ssl/localhost.key

After that you need to restart Apache:

sudo systemctl restart apache2

Now you are all set to run the below on your system.