Though creating a https-enabled server with verified certificate is a pain (as it should be, otherwise all would do it), creating a self-signed certificate for https is a piece of cake.
This tutorial is for Linux, but other platforms have the steps very similar.
Net is full of “how it works” texts, so I’ll just cover here the steps to get there…
The following steps are easiest to do as root (you’ll have to at least in few cases anyways).
$ cd /where/to/create/certificate $ openssl genrsa -des3 -out server.key 1024 $ openssl req -new -key server.key -out server.csr $ cp server.key server.key.orig $ openssl rsa -in server.key.orig -out server.key $ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Now, you have the /where/is/certificate/server.key key file, and /where/is/certificate/server.crt certificate. You can use those to set up the VirtualHost for https now; your site definition could look like this:
<IfModule mod_ssl.c> <VirtualHost *:443> DocumentRoot /my/https/root/ <Directory /my/https/root/> Options Indexes FollowSymLinks MultiViews AllowOverride FileInfo Options Order allow,deny allow from localhost allow from 10.0.0 </Directory> SSLEngine on SSLCertificateFile /where/is/certificate/server.crt SSLCertificateKeyFile /where/is/certificate/server.key BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost> </IfModule>
Now just make sure your mod_ssl is enabled, and that your Apache is listening on port 443.
Then just $ /etc/init.d/apache2 restart and off you go, with a new https access option!