fernandovaller/config-ssl-localhost

## config-ssl-localhost
# Download version correct
https://slproweb.com/products/Win32OpenSSL.html

# Windows
https://slproweb.com/download/Win64OpenSSL-1_1_1m.exe
Install > next > next

# Open CMD (ADMIN) in local install
C:\Program Files\OpenSSL-Win64\bin>

# Generate
$ openssl genrsa -aes256 -out private.key 2048

# Set password
1234567890

$ openssl rsa -in private.key -out private.key
$ openssl req -new -x509 -nodes -sha1 -key private.key -out certificate.crt -days 36500

# Set info
US > Minnessota > Saint Louis Park > > localhost > you@email

# Copy 2 files
$ cp private.key /etc/ssl/keys/
$ cp certificate.crt /etc/ssl/keys/

# Enable mod in apache2
$ sudo a2enmod ssl

# Set config in apache.conf
<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine on

    SSLProtocol             all -SSLv2 -SSLv3
    SSLCipherSuite          ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
    SSLHonorCipherOrder     on
    SSLCompression          off

    SSLOptions +StrictRequire

    SSLCertificateFile /etc/ssl/keys/certificate.crt
    SSLCertificateKeyFile /etc/ssl/keys/private.key
</VirtualHost>
	# Download version correct
	https://slproweb.com/products/Win32OpenSSL.html

	# Windows
	https://slproweb.com/download/Win64OpenSSL-1_1_1m.exe
	Install > next > next

	# Open CMD (ADMIN) in local install
	C:\Program Files\OpenSSL-Win64\bin>

	# Generate
	$ openssl genrsa -aes256 -out private.key 2048

	# Set password
	1234567890

	$ openssl rsa -in private.key -out private.key
	$ openssl req -new -x509 -nodes -sha1 -key private.key -out certificate.crt -days 36500

	# Set info
	US > Minnessota > Saint Louis Park > > localhost > you@email

	# Copy 2 files
	$ cp private.key /etc/ssl/keys/
	$ cp certificate.crt /etc/ssl/keys/

	# Enable mod in apache2
	$ sudo a2enmod ssl

	# Set config in apache.conf
	<VirtualHost *:443>
	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	SSLEngine on

	SSLProtocol all -SSLv2 -SSLv3
	SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
	SSLHonorCipherOrder on
	SSLCompression off

	SSLOptions +StrictRequire

	SSLCertificateFile /etc/ssl/keys/certificate.crt
	SSLCertificateKeyFile /etc/ssl/keys/private.key
	</VirtualHost>