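So we want everything encrypted while traversing the internet. Our solution: SSL everything. First, we need to get ourselves an SSL certificate. Commercial ones are great because their issuers are already trusted by major browsers, so they won’t trigger those nasty warnings. Encryption-wise, though, they’re just the same as self-signed ones; what a self-signed certificate lacks is a way for the browser to verify who it is talking to, unless you install or pin the certificate on the client yourself.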
1. Create a self-signed certificate:
    yum install mod_ssl
    mkdir /etc/httpd/ssl
    openssl req -new -x509 -days 365 -nodes -out /etc/httpd/ssl/httpd.pem -keyout /etc/httpd/ssl/httpd.key
2. Configure Apache to use the self-signed certificate:
    <VirtualHost 12.34.56.78:443>
        SSLEngine On
        SSLCertificateFile /etc/httpd/ssl/httpd.pem
        SSLCertificateKeyFile /etc/httpd/ssl/httpd.key
        ServerAdmin info@mydomain.com
        ServerName www.mydomain.com
        DocumentRoot /srv/www/mydomain.com/public_html/
        ErrorLog /srv/www/mydomain.com/logs/error.log
        CustomLog /srv/www/mydomain.com/logs/access.log combined
    </VirtualHost>
3. Redirect HTTP to HTTPS:
    <VirtualHost 12.34.56.78:80>
        ServerAdmin info@mydomain.com
        ServerName www.mydomain.com
        Redirect permanent / https://www.mydomain.com/
        DocumentRoot /srv/www/mydomain.com/public_html/
        ErrorLog /srv/www/mydomain.com/logs/error.log
        CustomLog /srv/www/mydomain.com/logs/access.log combined
    </VirtualHost>
In 3, the only directive you really need is the 4th; all the others are redundant. I use such a solution for webmail clients (Roundcube, etc.).
Try this free service for SSL certs. The free certificates it produces are recognized by all major browsers. Since you’re forcing it on, might as well make the website more friendly for visitors.
I found GoDaddy’s Free SSL for Open Source projects more straightforward.