Here are steps to add a new self-signed certificate.
- log into server
- run below command
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/<fulldomain>-selfsigned.key -out /etc/ssl/certs/<fulldomain>-selfsigned.crt
- while being asked to feed details, make sure to fill QNAME with your full (sub)domain name for which this certificate is going to be used
- once certificate is generated, edit /etc/apache2/sites-available/<mysite-config-file>.conf
- Link the certificate there as in below:
SSLCertificateKeyFile /etc/ssl/private/<fulldomain>-selfsigned.key
SSLCertficateFile /etc/ssl/private/<fulldomain>-selfsigned.crt
- restart apache
sudo /etc/init.d/apache2 restart
Done!