Generate a Self-Signed SSL Certificate for Local Dev aaPanel

enter image description here

To address the "Your connection to this site isn't secure" warning for your test websites on a local development server running AlmaLinux and AApanel, you can create a self-signed SSL certificate. This process involves generating a certificate and configuring your server to use it. Here's a step-by-step guide based on the information provided:

Step 1: Generate a Self-Signed SSL Certificate

  1. Open a Terminal: Access your server via SSH or open a terminal if you're working directly on the server.

  2. Install OpenSSL: If not already installed, you need OpenSSL to generate the certificate.

    sudo dnf install openssl -y
    
  3. Generate the Certificate: Use OpenSSL to create a self-signed certificate. You'll be prompted to enter details for the certificate. For local development, you can use default values or specify your own.

    openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt
    

    This command generates a new RSA key (apache-selfsigned.key) and a self-signed certificate (apache-selfsigned.crt) valid for 365 days.

Step 2: Configure AApanel to Use the SSL Certificate

  1. Access AApanel: Log in to your AApanel dashboard.

  2. SSL/TLS Settings: Navigate to the SSL/TLS settings for your domain.

  3. Upload Certificate and Key: Upload the certificate (apache-selfsigned.crt) and key (apache-selfsigned.key) you generated in Step 1.

  4. Apply Changes: Save your changes. AApanel will automatically configure your server to use the SSL certificate.

Step 3: Trust the Self-Signed Certificate in Your Browser

Browsers will show a warning about the self-signed certificate because it's not issued by a trusted Certificate Authority (CA). To avoid this warning, you can import the certificate into your browser's trust store. The process varies by browser, but generally involves:

  • Opening the browser's settings.
  • Navigating to the security or privacy section.
  • Finding the option to manage certificates.
  • Importing the apache-selfsigned.crt file as a trusted certificate.

Additional Notes

  • Self-Signed Certificates: Remember, self-signed certificates are suitable for development and testing but not recommended for production environments.
  • Browser Warnings: Browsers will still show a warning about the certificate being self-signed. This is expected and can be ignored for local development.
  • Production Environment: For a production environment, obtain a certificate from a trusted CA and follow their specific instructions for installation and configuration.

By following these steps, you should be able to install SSL on your local development server and get rid of the "unsecure" message alerts for your test websites.