SSL

Updated: 09 August 2025

Diagnose problems with certificates

Create self-signed certificates for Apache

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/ssl/private/apache-selfsigned.key \
-out /etc/ssl/certs/apache-selfsigned.crt

See Digital Ocean, how to create self-signed certs
See Self-signed wildcard cert check project on GitHub

Mozilla SSL configuration generator

https://ssl-config.mozilla.org/