mkcert is amazing tool to create self signed certificates. No configuration is needed. You can get it here.

Create a local CA with mkcert -install(mine is already created):

root@ubuntu-local:~# mkcert -install
The local CA is already installed in the system trust store! 👍

The syntax to generate a new certificate is:

mkcert -key-file [path/to/key.pem] -cert-file [path/to/cert.pem]

Creating a new certificate for my wordpress instance:

root@ubuntu-local:~# mkcert -key-file /etc/ssl/private/wordpressubuntu_key.pem -cert-file /etc/ssl/certs/wordpressubuntu_cert.pem

Created a new certificate valid for the following names 📜
 - ""

The certificate is at "/etc/ssl/certs/wordpressubuntu_cert.pem" and the key at "/etc/ssl/private/wordpressubuntu_key.pem" ✅

It will expire on 15 October 2023 🗓

Update your configuration file(I’m using Apache):

root@ubuntu-local:~# cat /etc/apache2/sites-available/wordpress_local.conf
<VirtualHost *:443>

	ServerAdmin admin@localhost
	DocumentRoot /var/www/vhosts/wordpress

	ErrorLog ${APACHE_LOG_DIR}/wordpressubuntu.log
	CustomLog ${APACHE_LOG_DIR}/wordpressubuntu.access.log combined

	SSLEngine on
	SSLCertificateFile /etc/ssl/certs/wordpressubuntu_cert.pem
	SSLCertificateKeyFile /etc/ssl/private/wordpressubuntu_key.pem


Restart your webserver, add an entry in /etc/hosts, and browse to

root@ubuntu-local:~# curl -s -o /dev/null -w "%{http_code}" ; echo

If you run the previous command with https on a website that’s listening on port 80, you’ll get a status code of 000:

### 443
root@ubuntu-local:~# curl -s -o /dev/null -w "%{http_code}" ; echo

### 80
root@ubuntu-local:~# curl -s -o /dev/null -w "%{http_code}" ; echo

“I have not failed. I've just found 10,000 ways that won't work.”Thomas A. Edison