I thought this is an easy task, but after searching for various ways on the internet, it is not as simple as I imagined. There are many ways to enable HTPPS on your web server depending on what server software is used, the operating system, and where the server is running.<\/p>\n\n\n\n
In my case, I will write how to enable HTTPS web server using Apache on Ubuntu Linux operating system<\/strong>. Here I use Oracle Cloud Compute so there is a special step that needs to be done because by default port 443 is not in There are three steps that need to be done here.<\/p>\n\n\n\n You may ask why the certificate doesn’t just use one from OpenSSL? It’s easy to create one by using only one command line.<\/p>\n\n\n\n the answer: Apparently I have tried a self-signed certificate, but when Google Chrome opens my site, it is still considered a dangerous site. Why? Because the certificate that we have is not signed by a trusted Certificate Authority. Therefore we must have a certificate signed by CA as a trusted third party.<\/p>\n\n\n\n It turns out that no special way is needed to turn on HTTPS on a server running on Oracle Cloud Compute. But make sure you have turned on the Apache HTTP Web Server using the guidelines here<\/a>.<\/p>\n\n\n\n These guidelines are for HTTP only. For HTTPS you need to add one more step when setting up the Enable Apache Edit the Apache configuration file.<\/p>\n\n\n\n Add the following lines at the end of this file.<\/p>\n\n\n\n Now let’s create a directory for the certificate.<\/p>\n\n\n\n Edit the Apache configuration file for the default website.<\/p>\n\n\n\n We will also redirect the HTTP to HTTPS.<\/p>\n\n\n\n We’ve done setting up the Apache. Now let’s create the certificate.<\/p>\n\n\n\n We will use Certbot from Let’s Encrypt to generate our signed certificate.<\/p>\n\n\n\n Install Create the certificate, for example, our site domain is After that, you will be asked some questions, and they will give you a DNS TXT record challenge.<\/p>\n\n\n\n Just create a DNS TXT record under the name After that, press enters to verify the domain. Once were receive the success verification message, the key and certificate will be created in this location. <\/p>\n\n\n\n We need to move the certificate to the Apache certificate directory.<\/p>\n\n\n\n Finish! Now restart the Apache.<\/p>\n\n\n\n Visit your site using HTTPS, it should be working right now! \ud83d\ude42<\/p>\n\n\n\n References:<\/p>\n\n\n\n <\/p>\n","protected":false},"excerpt":{"rendered":" I thought this is an easy task, but after searching for various ways on the internet, it is not as simple as I imagined. There are many ways to enable HTPPS on your web server depending on what server software is used, the operating system, and where the server is running. In my case, I […]<\/p>\n","protected":false},"author":1,"featured_media":642,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4,5,149],"tags":[156,162,163,160,155,158,154,161,36,159,55,153,66,157],"class_list":["post-544","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","category-programming","category-security","tag-apache","tag-certbot","tag-certificate","tag-cloud","tag-encryption","tag-http","tag-https","tag-lets-encrypt","tag-linux","tag-oracle","tag-server","tag-ssl","tag-ubuntu","tag-web"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2022\/03\/franck-DoWZMPZ-M9s-unsplash.jpg?fit=1920%2C1440&ssl=1","jetpack-related-posts":[{"id":4555,"url":"https:\/\/blog.derrylab.com\/index.php\/2025\/06\/28\/how-to-attach-additional-block-volume-in-oracle-cloud-instance\/","url_meta":{"origin":544,"position":0},"title":"How to Attach Additional Block Volume in Oracle Cloud Instance","author":"derry","date":"June 28, 2025","format":false,"excerpt":"As I continued rolling out new features across several services in my infrastructure, I noticed disk space was starting to run low. Fortunately, my Oracle Cloud instance still had some unallocated block volume available, but since I wasn\u2019t too familiar with the Oracle Cloud Console, I had to figure things\u2026","rel":"","context":"In "linux"","block_context":{"text":"linux","link":"https:\/\/blog.derrylab.com\/index.php\/category\/linux\/"},"img":{"alt_text":"black internal hdd on black surface","src":"https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2025\/06\/pexels-photo-117729.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2025\/06\/pexels-photo-117729.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2025\/06\/pexels-photo-117729.jpeg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2025\/06\/pexels-photo-117729.jpeg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2025\/06\/pexels-photo-117729.jpeg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":3171,"url":"https:\/\/blog.derrylab.com\/index.php\/2023\/12\/18\/how-to-enable-browsing-when-you-have-ssh-access\/","url_meta":{"origin":544,"position":1},"title":"How to Enable Browsing when You Have SSH Access","author":"derry","date":"December 18, 2023","format":false,"excerpt":"Introduction If you have access to SSH into a machine, it means you have full control of that machine. However if not all of the things can be done via terminal SSH, sometimes you need to browse some sites using that machine connection. The simplest solution for this is to\u2026","rel":"","context":"In "linux"","block_context":{"text":"linux","link":"https:\/\/blog.derrylab.com\/index.php\/category\/linux\/"},"img":{"alt_text":"view of tunnel","src":"https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/12\/pexels-photo-249097.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/12\/pexels-photo-249097.jpeg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/12\/pexels-photo-249097.jpeg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/12\/pexels-photo-249097.jpeg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/12\/pexels-photo-249097.jpeg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":109,"url":"https:\/\/blog.derrylab.com\/index.php\/2020\/09\/04\/how-to-hide-wine-system-tray\/","url_meta":{"origin":544,"position":2},"title":"How to Hide Wine System Tray","author":"derry","date":"September 4, 2020","format":false,"excerpt":"Install this gnome extension: https:\/\/extensions.gnome.org\/extension\/1674\/topiconsfix\/ This will move wine system tray to your real ubuntu\/gnome system tray. Enjoy your life.","rel":"","context":"In "linux"","block_context":{"text":"linux","link":"https:\/\/blog.derrylab.com\/index.php\/category\/linux\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":113,"url":"https:\/\/blog.derrylab.com\/index.php\/2020\/10\/22\/how-to-view-dot-files-in-ubuntu\/","url_meta":{"origin":544,"position":3},"title":"How to View .dot Files in Ubuntu","author":"derry","date":"October 22, 2020","format":false,"excerpt":"I was working with LLVM recently to create a callgraph using opt -view-cfg. But unfortunately it doesn't work. Here is what I got instead: ibndias@SHAHEEN-XPS15:~\/Documents\/Projects$ opt -view-cfg file.bcWARNING: You're attempting to print out a bitcode file.This is inadvisable as it may cause display problems. Ifyou REALLY want to taste LLVM\u2026","rel":"","context":"In "linux"","block_context":{"text":"linux","link":"https:\/\/blog.derrylab.com\/index.php\/category\/linux\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1282,"url":"https:\/\/blog.derrylab.com\/index.php\/2022\/08\/01\/problem-when-building-old-openssl-version-on-the-new-system\/","url_meta":{"origin":544,"position":4},"title":"Problem When Building Old OpenSSL Version on The New System","author":"derry","date":"August 1, 2022","format":false,"excerpt":"The old OpenSSL seems to have a problem when built using a newer system. I got this problem when compiling OpenSSL 1.1.0f on my Ubuntu 22.04. derry@G14:~\/openssl-1.1.0f$ .\/config -d shared no-asm no-hw Operating system: x86_64-whatever-linux2 \"glob\" is not exported by the File::Glob module Can't continue after import errors at .\/Configure\u2026","rel":"","context":"In "Programming"","block_context":{"text":"Programming","link":"https:\/\/blog.derrylab.com\/index.php\/category\/programming\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2022\/08\/pexels-anamul-rezwan-1145434-scaled.jpg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2022\/08\/pexels-anamul-rezwan-1145434-scaled.jpg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2022\/08\/pexels-anamul-rezwan-1145434-scaled.jpg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2022\/08\/pexels-anamul-rezwan-1145434-scaled.jpg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2022\/08\/pexels-anamul-rezwan-1145434-scaled.jpg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":2572,"url":"https:\/\/blog.derrylab.com\/index.php\/2023\/02\/08\/how-to-install-the-latest-openwrt-on-arduino-yun\/","url_meta":{"origin":544,"position":5},"title":"How to Install the Latest OpenWRT on Arduino Yun","author":"derry","date":"February 8, 2023","format":false,"excerpt":"By the time I am writing this, this might be the first article that tells you how to install OpenWRT on Arduino Yun because no one talks about it. Also, Arduino Yun is already reached its end of life, and the version history is not well documented in each article\u2026","rel":"","context":"In "Hardware"","block_context":{"text":"Hardware","link":"https:\/\/blog.derrylab.com\/index.php\/category\/hardware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/02\/ArduinoYunFront_2.jpg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/02\/ArduinoYunFront_2.jpg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/02\/ArduinoYunFront_2.jpg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/02\/ArduinoYunFront_2.jpg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/blog.derrylab.com\/wp-content\/uploads\/2023\/02\/ArduinoYunFront_2.jpg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/posts\/544","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/comments?post=544"}],"version-history":[{"count":10,"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/posts\/544\/revisions"}],"predecessor-version":[{"id":645,"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/posts\/544\/revisions\/645"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/media\/642"}],"wp:attachment":[{"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/media?parent=544"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/categories?post=544"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.derrylab.com\/index.php\/wp-json\/wp\/v2\/tags?post=544"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}iptable<\/code>s. This tutorial is for Apache on Ubuntu, not limited to Oracle Cloud, if your server is not on Oracle Cloud, you can skip this step and still continue. \ud83d\ude42<\/em><\/p>\n\n\n\nEnabling HTTPS on Oracle Cloud Compute<\/h2>\n\n\n\n
iptable<\/code>s firewall by opening port 443 as follows.<\/p>\n\n\n\nsudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 443 -j ACCEPT\r\nsudo netfilter-persistent save<\/code><\/pre>\n\n\n\nEnabling HTTPS on Apache2<\/h2>\n\n\n\n
SSL<\/code> and rewite<\/code> modules<\/p>\n\n\n\na2enmod ssl\na2enmod rewrite<\/code><\/pre>\n\n\n\nvi \/etc\/apache2\/apache2.conf<\/code><\/pre>\n\n\n\n<Directory \/var\/www\/html>\nAllowOverride All\n<\/Directory><\/code><\/pre>\n\n\n\nmkdir \/etc\/apache2\/certificate<\/code><\/pre>\n\n\n\nvi \/etc\/apache2\/sites-enabled\/000-default.conf<\/code><\/pre>\n\n\n\n<VirtualHost *:80>\n RewriteEngine On\n RewriteCond %{HTTPS} !=on\n RewriteRule ^\/?(.*) https:\/\/%{SERVER_NAME}\/$1 [R=301,L]\n<\/virtualhost>\n<VirtualHost *:443>\n ServerAdmin webmaster@localhost\n DocumentRoot \/var\/www\/html\n ErrorLog ${APACHE_LOG_DIR}\/error.log\n CustomLog ${APACHE_LOG_DIR}\/access.log combined\n SSLEngine on\n SSLCertificateFile \/etc\/apache2\/certificate\/fullchain.pem\n SSLCertificateKeyFile \/etc\/apache2\/certificate\/privkey.pem\n<\/VirtualHost><\/code><\/pre>\n\n\n\nGenerate SSL Certificate<\/h2>\n\n\n\n
certbot<\/code> via snapd.<\/p>\n\n\n\nsudo apt install snapd\nsudo snap install core\nsudo snap refresh core\nsudo snap install --classic certbot\nsudo ln -s \/snap\/bin\/certbot \/usr\/bin\/certbot<\/code><\/pre>\n\n\n\nyourdomain.com<\/code>. This will create a wildcard certificate valid for all subdomains for yourdomain.com<\/code><\/strong>.<\/p>\n\n\n\nsudo certbot certonly --manual --preferred-challenges=dns --email admin@yourdomain.com --server https:\/\/acme-v02.api.letsencrypt.org\/directory --agree-tos -d *.yourdomain.com<\/code><\/pre>\n\n\n\n_acme-challenge.yourdomain.com<\/code> on your domain hosting, then add the TXT record they provided.<\/p>\n\n\n\n\/etc\/letsencrypt\/live\/your_domain\/fullchain.pem\n\/etc\/letsencrypt\/live\/your_domain\/privkey.pem<\/code><\/pre>\n\n\n\nmv \/etc\/letsencrypt\/live\/your_domain\/*.pem \/etc\/apache2\/certificate\/<\/code><\/pre>\n\n\n\nservice apache2 restart<\/code><\/pre>\n\n\n\n