Membuat HTTPS localhost (SSL) Menggunakan mkcert di Ubuntu 22.04

Dipublikasi pada 25 Juli 2025 oleh patenpisan

Berikut cara membuat HTTPS localhost menggunakan mkcert di Ubuntu 22.04:

1. Install mkcert

bash
# Install menggunakan curl
curl -JLO "https://dl.filippo.io/mkcert/latest?for=linux/amd64"
chmod +x mkcert-v*-linux-amd64
sudo mv mkcert-v*-linux-amd64 /usr/local/bin/mkcert

# Atau install dari snap
sudo snap install mkcert

2. Setup Certificate Authority (CA)

bash
# Install CA root certificate ke system trust store
mkcert -install

Perintah ini akan membuat CA lokal dan menambahkannya ke trust store browser dan sistem.

3. Generate Certificate untuk Localhost

bash
# Generate certificate untuk localhost
mkcert localhost 127.0.0.1 ::1

# Atau untuk domain custom
mkcert example.local "*.example.local"

Ini akan menghasilkan dua file:

  • localhost+2.pem (certificate)
  • localhost+2-key.pem (private key)

4. Konfigurasi Web Server

Untuk Nginx:

nginx
server {
    listen 443 ssl;
    server_name localhost;
    
    ssl_certificate /path/to/localhost+2.pem;
    ssl_certificate_key /path/to/localhost+2-key.pem;
    
    location / {
        root /var/www/html;
        index index.html;
    }
}

Untuk Apache:

apache
<VirtualHost *:443>
    ServerName localhost
    DocumentRoot /var/www/html
    
    SSLEngine on
    SSLCertificateFile /path/to/localhost+2.pem
    SSLCertificateKeyFile /path/to/localhost+2-key.pem
</VirtualHost>

Untuk Node.js/Express:

javascript
const https = require('https');
const fs = require('fs');
const express = require('express');

const app = express();

const options = {
    key: fs.readFileSync('localhost+2-key.pem'),
    cert: fs.readFileSync('localhost+2.pem')
};

https.createServer(options, app).listen(3000, () => {
    console.log('HTTPS Server running on https://localhost:3000');
});

5. Test Certificate

Buka browser dan akses https://localhost. Anda seharusnya melihat:

  • Tidak ada warning SSL
  • Icon gembok hijau di address bar
  • Certificate valid

Tips Tambahan:

Lokasi CA root certificate:

bash
# Cek lokasi CA
mkcert -CAROOT

Generate untuk multiple domains:

bash
mkcert localhost 127.0.0.1 ::1 example.local "*.example.local"

Uninstall CA (jika diperlukan):

bash
mkcert -uninstall

Dengan setup ini, Anda akan memiliki HTTPS localhost yang valid tanpa warning browser, sangat berguna untuk development aplikasi yang memerlukan HTTPS.

SM

untuk apache copykan kemana filenya dan virtual host dibuat dimana

Berikut detail lengkap untuk konfigurasi Apache di Ubuntu 22.04:

1. Lokasi File Certificate

Salin file certificate ke direktori yang aman:

bash
# Buat direktori untuk SSL certificates
sudo mkdir -p /etc/ssl/private
sudo mkdir -p /etc/ssl/certs

# Copy certificate files
sudo cp localhost+2.pem /etc/ssl/certs/
sudo cp localhost+2-key.pem /etc/ssl/private/

# Set permissions yang tepat
sudo chmod 644 /etc/ssl/certs/localhost+2.pem
sudo chmod 600 /etc/ssl/private/localhost+2-key.pem
sudo chown root:root /etc/ssl/certs/localhost+2.pem
sudo chown root:root /etc/ssl/private/localhost+2-key.pem

2. Buat Virtual Host

Lokasi Virtual Host di Ubuntu:

  • Available sites: /etc/apache2/sites-available/
  • Enabled sites: /etc/apache2/sites-enabled/

Buat file konfigurasi:

bash
# Buat file virtual host baru
sudo nano /etc/apache2/sites-available/localhost-ssl.conf

Isi file konfigurasi:

apache
<VirtualHost *:443>
    ServerName localhost
    DocumentRoot /var/www/html
    
    # SSL Configuration
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/localhost+2.pem
    SSLCertificateKeyFile /etc/ssl/private/localhost+2-key.pem
    
    # Optional: SSL Security Headers
    Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
    Header always set X-Content-Type-Options nosniff
    Header always set X-Frame-Options DENY
    
    # Log files
    ErrorLog ${APACHE_LOG_DIR}/localhost_ssl_error.log
    CustomLog ${APACHE_LOG_DIR}/localhost_ssl_access.log combined
</VirtualHost>

# Optional: Redirect HTTP to HTTPS
<VirtualHost *:80>
    ServerName localhost
    Redirect permanent / https://localhost/
</VirtualHost>

3. Enable Modules dan Site

bash
# Enable SSL module
sudo a2enmod ssl
sudo a2enmod headers

# Enable site
sudo a2ensite localhost-ssl.conf

# Test konfigurasi
sudo apache2ctl configtest

# Restart Apache
sudo systemctl restart apache2

4. Struktur Direktori Lengkap

/etc/apache2/
├── sites-available/
│   ├── 000-default.conf
│   ├── default-ssl.conf
│   └── localhost-ssl.conf          # File yang kita buat
├── sites-enabled/
│   ├── 000-default.conf -> ../sites-available/000-default.conf
│   └── localhost-ssl.conf -> ../sites-available/localhost-ssl.conf
└── ...

/etc/ssl/
├── certs/
│   └── localhost+2.pem            # Certificate file
└── private/
    └── localhost+2-key.pem        # Private key

5. Verifikasi Setup

bash
# Cek apakah Apache listening di port 443
sudo netstat -tlnp | grep :443

# Cek enabled sites
sudo a2ensite --list

# Cek SSL certificate
openssl x509 -in /etc/ssl/certs/localhost+2.pem -text -noout

6. Test di Browser

  1. Buka https://localhost
  2. Pastikan tidak ada SSL warning
  3. Cek certificate details di browser

7. Troubleshooting

Jika ada error permission:

bash
sudo chown -R www-data:www-data /var/www/html
sudo chmod -R 755 /var/www/html

Jika Apache tidak start:

bash
# Cek syntax error
sudo apache2ctl configtest

# Cek Apache status
sudo systemctl status apache2

# Cek log error
sudo tail -f /var/log/apache2/error.log

Disable default SSL site jika konflik:

bash
sudo a2dissite default-ssl.conf
sudo systemctl reload apache2

Dengan konfigurasi ini, Anda akan memiliki HTTPS localhost yang berfungsi dengan baik di Apache pada Ubuntu 22.04.

Tulisan ini dipublikasikan di Tak Berkategori. Tandai permalink.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments