SSL connection is used to encrypted the data transferred between your visitors and your store on the internet. So, it is better to enable the SSL connections for your store. In this article, I will teach you how to create a self-signed certificate for testing SSL connections on your TomatoCart store.
Step 1. Install openssl
sudo apt-get update sudo apt-get install openssl
Step 2. Enable the SSL Module
sudo a2enmod ssl
Reload apache to load the new configuration.
sudo service apache2 reload
Step 3. Generate a Self-Signed ssl certificate
I will store the ssl certificate file under /etc/apache2/ssl. Run following command to create the fold.
sudo mkdir -p /etc/apache2/ssl
Run following command to generate certificate:
sudo openssl req -x509 -nodes -days 180 -newkey rsa:2048 -keyout /etc/apache2/ssl/tomatocart.key -out /etc/apache2/ssl/tomatocart.crt
- The days option specify the days this certificate should be valid.
- The keyout option specify the path to store ssl key file.
- The out option specify the path to store the certificate file.
Your system will ask the information data for the certificate. Just enter your own information.
root@tomatocart:/etc/apache2# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/tomatocart.key -out /etc/apache2/ssl/tomatocart.crt Generating a 2048 bit RSA private key ..............+++ ........................+++ writing new private key to '/etc/apache2/ssl/tomatocart.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:CN State or Province Name (full name) [Some-State]:SHANGHAI Locality Name (eg, city) :SHANGHAI Organization Name (eg, company) [Internet Widgits Pty Ltd]:TomatoCart Organizational Unit Name (eg, section) : Common Name (e.g. server FQDN or YOUR name) :tomatocart.me Email Address :email@example.com
Now, it is possible to find the certificate file under /etc/apache2/ssl.
Step 4. Configure apache virtual host to enable ssl
Open /etc/apache2/sites-available/tomatocart.conf to edit(you should open your own conf file).
sudo vim /etc/apache2/sites-available/tomatocart.conf
Add ssl virtual host configs.
<IfModule mod_ssl.c> <VirtualHost *:443> ServerName tomatocart.me:443 ServerAlias www.tomatocart.me:443 ServerAdmin webmaster@localhost DocumentRoot /var/www/tomatocart SSLEngine on SSLCertificateFile /etc/apache2/ssl/tomatocart.crt SSLCertificateKeyFile /etc/apache2/ssl/tomatocart.key </VirtualHost> </IfModule>
Restart Apache to apply the changes.
sudo service apache2 restart
Step 5. Update TomatoCart configuration to support ssl connections
Find includes/configure.php to modify the HTTPS_SERVER.
Now that the ssl connection is enabled, it is possible to access the store with https://www.tomatocart.me in the browser. You will see a warning for the certificate as follow:
Just accept it, you will see the store front.
This Self-signed certificate is fit for testing the ssl connection. But, it will result in a scary warning about not being able to verify your site’s identity, so it is not recommended for production. For the production, you have to purchase a SSL certificate from a trusted CA such as arvixe.com.