[TomatoCart] – How to create a self-signed SSL Certificate to test HTTPS for tomatocart


SSL connection is used to encrypted the data transferred between your visitors and your store on the internet. So, it is better to enable the SSL connections for your store. In this article, I will teach you how to create a self-signed certificate for testing SSL connections on your TomatoCart store.

Step 1. Install openssl

sudo apt-get update
sudo apt-get install openssl

Step 2. Enable the SSL Module

sudo a2enmod ssl

Reload apache to load the new configuration.

sudo service apache2 reload

Step 3. Generate a Self-Signed ssl certificate

I will store the ssl certificate file under /etc/apache2/ssl. Run following command to create the fold.

sudo mkdir -p /etc/apache2/ssl

Run following command to generate certificate:

sudo openssl req -x509 -nodes -days 180 -newkey rsa:2048 -keyout /etc/apache2/ssl/tomatocart.key -out /etc/apache2/ssl/tomatocart.crt
  • The days option specify the days this certificate should be valid.
  • The keyout option specify the path to store ssl key file.
  • The out option specify the path to store the certificate file.

Your system will ask the information data for the certificate. Just enter your own information.

root@tomatocart:/etc/apache2# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/tomatocart.key -out /etc/apache2/ssl/tomatocart.crt
Generating a 2048 bit RSA private key
writing new private key to '/etc/apache2/ssl/tomatocart.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:SHANGHAI
Locality Name (eg, city) []:SHANGHAI
Organization Name (eg, company) [Internet Widgits Pty Ltd]:TomatoCart
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:tomatocart.me
Email Address []:jack.yin@tomatocart.com

Now, it is possible to find the certificate file under /etc/apache2/ssl.


Step 4. Configure apache virtual host to enable ssl

Open /etc/apache2/sites-available/tomatocart.conf to edit(you should open your own conf file).

sudo vim /etc/apache2/sites-available/tomatocart.conf

Add ssl virtual host configs.

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerName tomatocart.me:443
        ServerAlias www.tomatocart.me:443

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/tomatocart

        SSLEngine on

        SSLCertificateFile /etc/apache2/ssl/tomatocart.crt
        SSLCertificateKeyFile /etc/apache2/ssl/tomatocart.key

Restart Apache to apply the changes.

sudo service apache2 restart

Step 5. Update TomatoCart configuration to support ssl connections

Find includes/configure.php to modify the HTTPS_SERVER.


Now that the ssl connection is enabled, it is possible to access the store with https://www.tomatocart.me in the browser. You will see a warning for the certificate as follow:


Just accept it, you will see the store front.



This Self-signed certificate is fit for testing the ssl connection. But, it will result in a scary warning about not being able to verify your site’s identity, so it is not recommended for production. For the production, you have to purchase a SSL certificate from a trusted CA such as arvixe.com.

Looking for quality TomatoCart hosting? Check out Arvixe Web Hosting

Tags: , | Posted under TomatoCart | RSS 2.0

Author Spotlight

Jack Yin

TomatoCart Developer & Co Founder - Arvixe Web Hosting / TomatoCart Community Liaison

Leave a Reply

Your email address will not be published. Required fields are marked *