{"id":1601,"date":"2022-06-25T18:10:59","date_gmt":"2022-06-25T09:10:59","guid":{"rendered":"https:\/\/jcl.kr:6443\/?p=1601"},"modified":"2022-06-29T13:03:04","modified_gmt":"2022-06-29T04:03:04","slug":"how-to-apply-ssl-certificate-to-raspberry-pi","status":"publish","type":"post","link":"https:\/\/jcl.kr\/?p=1601","title":{"rendered":"How to apply SSL certificate to Raspberry Pi"},"content":{"rendered":"\n<p>This method is applicable not only to Raspberry Pi but also to Linux.<\/p>\n\n\n\n<p>This article was written based on apache on Raspbian OS.<\/p>\n\n\n\n<p>And, for SSL, ZeroSSL, which can be used for free, was used.<\/p>\n\n\n\n<p>How to get Zero SSL will be organized separately next time.<\/p>\n\n\n\n<p>First, first save the 3 downloaded ZeroSSL files in the desired path.<\/p>\n\n\n\n<p>You can either use a command line or use an FTP program.<\/p>\n\n\n\n<p>Based on ZeroSSL, there are three types of certificate files below.<\/p>\n\n\n\n<p>ca_bundle.crt<\/p>\n\n\n\n<p>certificate.crt<\/p>\n\n\n\n<p>private.key<\/p>\n\n\n\n<p>I saved it in \/etc\/ssl\/ .<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"932\" height=\"306\" data-src=\"https:\/\/jcl.kr:6443\/wp-content\/uploads\/2022\/06\/ssl1.png\" alt=\"\" class=\"wp-image-1602 lazyload\" data-srcset=\"https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl1.png 932w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl1-300x98.png 300w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl1-768x252.png 768w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl1-600x197.png 600w\" data-sizes=\"(max-width: 932px) 100vw, 932px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 932px; --smush-placeholder-aspect-ratio: 932\/306;\" \/><\/figure>\n\n\n\n<p>I used &#8216;filezilla&#8217; as the FTP program, and if I just pass it over, permission problems occur, so I gave 777 permission to the ssl directory, copied it, and then changed the permission again.<\/p>\n\n\n\n<p>grant write permission<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>\/etc $ sudo chmod -R 777 ssl<\/p><\/blockquote>\n\n\n\n<p>After copying, restore permissions<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>\/etc $ sudo chmod -R 755 ssl<\/p><\/blockquote>\n\n\n\n<p>After that, you can edit the configuration file, and there is only one file to modify, and you can edit it using nano or vi as shown below.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>$ sudo nano \/etc\/apache2\/sites-available\/default-ssl.conf<\/p><\/blockquote>\n\n\n\n<p>After that, you can change the three parts of the file to the path and file name where the above certificate file is stored.<\/p>\n\n\n\n<p>As shown in the figure below, remove the commented part and replace the three parts with the path where the certificate file is saved.<\/p>\n\n\n\n<p>SSLCertificateFile \/etc\/ssl\/certificate.crt<\/p>\n\n\n\n<p>SSLCertificateKeyFile \/etc\/ssl\/private.key<\/p>\n\n\n\n<p>SSLCertificateChainFile \/etc\/ssl\/ca_bundle.crt<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"627\" data-src=\"https:\/\/jcl.kr:6443\/wp-content\/uploads\/2022\/06\/ssl2-1024x627.png\" alt=\"\" class=\"wp-image-1603 lazyload\" data-srcset=\"https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl2-1024x627.png 1024w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl2-300x184.png 300w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl2-768x471.png 768w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl2-600x368.png 600w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl2.png 1126w\" data-sizes=\"(max-width: 1024px) 100vw, 1024px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/627;\" \/><\/figure>\n\n\n\n<p>After making changes, save them in the order of Control+O -&gt; Enter -&gt; Control+X.<\/p>\n\n\n\n<p>Then restart apache and everything will be done.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>$ sudo service apache2 restart<\/p><\/blockquote>\n\n\n\n<p>After that, if you connect with https, you can see that a lock has been created as shown below.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"71\" data-src=\"https:\/\/jcl.kr:6443\/wp-content\/uploads\/2022\/06\/ssl3-1024x71.png\" alt=\"\" class=\"wp-image-1604 lazyload\" data-srcset=\"https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl3-1024x71.png 1024w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl3-300x21.png 300w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl3-768x53.png 768w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl3-600x41.png 600w, https:\/\/jcl.kr\/wp-content\/uploads\/2022\/06\/ssl3.png 1244w\" data-sizes=\"(max-width: 1024px) 100vw, 1024px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/71;\" \/><\/figure>\n\n\n\n<p>Also, I will post in the next article how to redirect to automatically go to https even when connecting via http.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This method is applicable not only to Raspberry Pi but also to Linux. This article was written based on apache on Raspbian OS. And, for SSL, ZeroSSL, which can be&#8230;<\/p>\n","protected":false},"author":1,"featured_media":1602,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[108,106,107,49,104,105],"class_list":["post-1601","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-1","tag-apache","tag-https","tag-linux","tag-raspberrypi","tag-ssl","tag-zerossl"],"_links":{"self":[{"href":"https:\/\/jcl.kr\/index.php?rest_route=\/wp\/v2\/posts\/1601","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jcl.kr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jcl.kr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jcl.kr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jcl.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1601"}],"version-history":[{"count":3,"href":"https:\/\/jcl.kr\/index.php?rest_route=\/wp\/v2\/posts\/1601\/revisions"}],"predecessor-version":[{"id":1650,"href":"https:\/\/jcl.kr\/index.php?rest_route=\/wp\/v2\/posts\/1601\/revisions\/1650"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jcl.kr\/index.php?rest_route=\/wp\/v2\/media\/1602"}],"wp:attachment":[{"href":"https:\/\/jcl.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1601"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jcl.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1601"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jcl.kr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1601"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}