-
-
Save matt0galloway/7de776e1a562942a6c88d8b5f55deb41 to your computer and use it in GitHub Desktop.
Installing SSL on WSL2 Apache
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# The idea is, we don't install certificates on WSL, instead we install them on | |
# Windows and point the path at WSL Apache/Ngnix configuration file. | |
# We use mkcert to generate certificates. | |
# https://github.com/FiloSottile/mkcert | |
# Install mkcert on Linux. Even though we don't generate certificate here, | |
# I am installing this only to check the constant is properly set or not. | |
# If you're Linux Ninja like my friend Bombay, you could do it without | |
# This package for sure. | |
# On WSL2 as root | |
wget https://github.com/FiloSottile/mkcert/releases/download/v1.4.2/mkcert-v1.4.2-linux-amd64 | |
mv mkcert-v1.4.2-linux-amd64 mkcert | |
chmod +x mkcert | |
cp mkcert /usr/local/bin/ | |
# On Windows | |
# Install Chocolatey on Windows: https://chocolatey.org/install | |
# Open a PowerShell windows with administrator rights and run choco install mkcert | |
mkcert -install | |
setx CAROOT "$(mkcert -CAROOT)"; If ($Env:WSLENV -notlike "*CAROOT*") { setx WSLENV "CAROOT/up:$Env:WSLENV" } | |
# This will set the CAROOT environment variable on the WSL2 side to point to the Windows CAROOT, | |
# so your Windows browser can trust sites running in WSL2. | |
# Back on WSL2, you can verify the constant by typing: | |
mkcert -CAROOT | |
# You will see a result something like this: | |
`/mnt/c/Users/Jithesh/AppData/Local/mkcert` | |
# On Windows type | |
mkcert localhost 127.0.0.1 ::1 0.0.0.0 | |
# So, now the certificates will be in the CAROOT directory. | |
# Simply update the apache2 config and point certificate files: | |
# Type vim /etc/apache2/sites-available/default-ssl.conf | |
SSLCertificateFile /mnt/c/Users/Jithesh/AppData/Local/mkcert/localhost+3.pem | |
SSLCertificateKeyFile /mnt/c/Users/Jithesh/AppData/Local/mkcert/localhost+3-key.pem | |
# Enable SSL if you've not | |
a2enmod ssl | |
a2ensite default-ssl.conf | |
# Restart Apache | |
service apache2 reload | |
service apache2 restart | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment