Enable TLS/SSL on Apache – RHEL 9

Step 1 – Enable mod_ssl

dnf install -y mod_ssl && systemctl restart httpd

Step 2 – Generate self-signed certificate

openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
    -keyout /etc/ssl/private/apache-selfsigned.key \
    -out /etc/ssl/certs/apache-selfsigned.crt \
    -subj "/CN=example.com"

Step 3 – SSL virtual host

<VirtualHost *:80>
    ServerName example.com
    Redirect permanent / https://example.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName example.com
    DocumentRoot /var/www/example.com/html
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/apache-selfsigned.crt
    SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
    SSLProtocol           all -SSLv3 -TLSv1 -TLSv1.1
    SSLCipherSuite        HIGH:!aNULL:!MD5
    SSLHonorCipherOrder   on
    Header always set Strict-Transport-Security "max-age=63072000"
    <Directory /var/www/example.com/html>
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Step 4 – Reload

apachectl configtest && systemctl reload apache2 2>/dev/null || apachectl configtest && rcctl reload apache2

For a real certificate see Certbot Apache guide.