Installing SSL on WSL2 Apache

Securing Your Local Development Environment 

In the world of web development, ensuring the security of your local environment is as crucial as securing a live server. Implementing SSL (Secure Sockets Layer) on your local Apache server running on Windows Subsystem for Linux (WSL2) with Ubuntu can seem daunting, but it’s a vital step towards a more secure development process. Here’s a step-by-step guide to get you started. 

Step 1: Setting Up WSL2 and Apache Before diving into SSL, make sure you have WSL2 installed and running on your Windows machine. If you haven’t already, you can install it by following the official Microsoft documentation. Once WSL2 is up and running, install Apache on your Ubuntu distribution using the following commands:

sudo apt update
sudo apt install apache2

Step 2: Installing mkcert mkcert is a simple tool that makes it easy to create locally trusted development certificates. Install mkcert on both your Windows and WSL2 environments. On WSL2, you can use Homebrew:

brew install mkcert

Or On WSL2 as root

wget https://github.com/FiloSottile/mkcert/releases/download/v1.4.2/mkcert-v1.4.2-linux-amd64
mv mkcert-v1.4.2-linux-amd64 mkcert
sudo chmod +x mkcert
cp mkcert /usr/local/bin/

On Windows, you can use Chocolatey to install mkcert:

choco install mkcert
mkcert -install 
setx CAROOT "$(mkcert -CAROOT)"; If ($Env:WSLENV -notlike "*CAROOT*") { setx WSLENV "CAROOT/up:$Env:WSLENV" }

This will set the CAROOT environment variable on the WSL2 side to point to the Windows CAROOT, so your Windows browser can trust sites running in WSL2. 

Back on WSL2, you can verify the constant by typing:

mkcert -CAROOT

You will see a result something like this:

/mnt/c/Users/User_Name/AppData/Local/mkcert`

Step 3: Generating SSL Certificates With mkcert installed, generate your local CA and SSL certificates. Run the following command in your Powershell terminal:

mkcert localhost 127.0.0.1 ::1

This will create SSL certificates for localhost that you can use with Apache. 

Step 4: Configuring Apache to Use SSL Now, you need to configure Apache to use the SSL certificates generated by mkcert. Edit the default SSL configuration file:

sudo vim /etc/apache2/sites-available/default-ssl.conf

Update the SSLCertificateFile and SSLCertificateKeyFile directives to point to your newly generated certificates: 

SSLCertificateFile /mnt/c/Users/YOUR_WINDOWS_USERNAME/AppData/Local/mkcert/localhost+3.pem
SSLCertificateKeyFile /mnt/c/Users/YOUR_WINDOWS_USERNAME/AppData/Local/mkcert/localhost+3-key.pem

Step 5: Enabling SSL Module and Site If you haven’t already enabled the SSL module and site in Apache, do so with the following commands:

sudo a2enmod ssl
sudo a2ensite default-ssl.conf
sudo service apache2 restart

Step 6: Testing Your Configuration Open your browser and navigate to https://localhost. You should see your Apache default page served over HTTPS. If you encounter any issues, double-check your configuration files and certificate paths. 

Conclusion By following these steps, you’ve successfully installed SSL on your local Apache server running on WSL2 with Ubuntu. This setup not only enhances your development environment’s security but also allows you to test SSL implementations before deploying to production. Remember, while self-signed certificates are great for development, they’re not suitable for production environments. For live websites, always obtain SSL certificates from a trusted CA. For more detailed instructions and troubleshooting, you can refer to community-driven resources and discussions, such as those found on Stack Overflow and other developer forums. 

Happy secure coding!