Configure SSL for Laravel 12 on Ubuntu Apache
- Jul-17-2025
- Techsolutionstuff
-
Laravel
Other
When I deployed my Laravel 12 app on an Ubuntu server running Apache, I knew adding an SSL certificate to enable HTTPS was critical. HTTPS encrypts data, protects user information like passwords, and boosts SEO and trust.
Using a free SSL certificate from Let’s Encrypt, I secured my app quickly and easily. In this guide, I’ll walk you through how I configured an SSL certificate on an Ubuntu Apache server for my Laravel 12 app, assuming it’s hosted on an AWS EC2 instance.

Prerequisites
Before starting, ensure you have:
- A Laravel 12 app deployed on an Ubuntu server (e.g., AWS EC2).
- A domain name pointing to your server’s public IP (required for Let’s Encrypt).
- Apache installed and configured for your Laravel app.
- SSH access to your server.
- Basic terminal command knowledge.
Let’s secure your Laravel app!
Step-by-Step Guide to Configure SSL on Ubuntu Apache
Step 1: Install Apache and Required Modules
I ensure Apache is installed with PHP 8.1 (required for Laravel 12) and enable necessary modules for SSL and Laravel routing:
sudo apt update
sudo apt install -y apache2 libapache2-mod-php8.1
sudo a2enmod rewrite ssl
I confirm Apache is running:
sudo systemctl start apache2
sudo systemctl enable apache2
Step 2: Install Certbot for Let’s Encrypt
Let’s Encrypt offers free SSL certificates, and Certbot automates the setup. I install Certbot with its Apache plugin:
sudo apt install -y certbot python3-certbot-apache
Step 3: Obtain an SSL Certificate
I use Certbot to request an SSL certificate for my domain:
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com
Replace yourdomain.com with your domain. Certbot will:
- Request an email for renewal notifications.
- Ask you to agree to Let’s Encrypt’s terms.
- Verify your domain points to your server’s IP.
- Install the SSL certificate and update Apache.
The certificate is stored in /etc/letsencrypt/live/yourdomain.com/.
Step 4: Configure Apache for Laravel with SSL
Certbot updates Apache, but I verify the virtual host configuration for my Laravel app at /var/www/laravel. I edit the virtual host file:
sudo nano /etc/apache2/sites-available/laravel.conf
My configuration looks like this:
<VirtualHost *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
Redirect permanent / https://yourdomain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
DocumentRoot /var/www/laravel/public
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
<Directory /var/www/laravel/public>
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/laravel-error.log
CustomLog ${APACHE_LOG_DIR}/laravel-access.log combined
</VirtualHost>
This setup:
- Redirects HTTP to HTTPS.
- Serves the Laravel
publicdirectory. - Enables SSL with Let’s Encrypt certificates.
- Supports Laravel’s
.htaccessrouting.
I enable the virtual host and restart Apache:
sudo a2ensite laravel.conf
sudo apache2ctl configtest
sudo systemctl restart apache2
Step 5: Update Laravel’s Configuration
To ensure my Laravel app uses HTTPS, I edit the .env file:
nano /var/www/laravel/.env
I update:
APP_URL=https://yourdomain.com
For forced HTTPS, I modify config/app.php:
'url' => env('APP_URL', 'https://yourdomain.com'),
'force_scheme' => 'https',
I clear the configuration cache:
cd /var/www/laravel
php artisan config:cache
I also set permissions:
sudo chown -R www-data:www-data /var/www/laravel
sudo chmod -R 775 /var/www/laravel/storage /var/www/laravel/bootstrap/cache
Step 6: Set Up Automatic Certificate Renewal
Let’s Encrypt certificates expire every 90 days. Certbot includes a cron job for renewal, which I test:
sudo certbot renew --dry-run
If successful, renewals are automated.
Step 7: Test Your HTTPS Setup
I visit https://yourdomain.com in my browser. My Laravel app should load with a padlock icon. I verify the certificate using an SSL checker like SSL Labs.
If issues occur, I check Apache logs (/var/log/apache2/laravel-error.log) or Laravel logs (/var/www/laravel/storage/logs).
Step 8: Enhance Security (Optional)
To improve security, I:
- Enable HTTP/2 (if supported):
sudo a2enmod http2 sudo systemctl restart apache2Add to virtual host:
Protocols h2 http/1.1 - Add security headers:
Header always set X-Frame-Options "SAMEORIGIN" Header always set X-Content-Type-Options "nosniff" Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" - Restart Apache:
sudo systemctl restart apache2
Conclusion
Configuring an SSL certificate on my Ubuntu Apache server for my Laravel 12 app was straightforward with Let’s Encrypt. HTTPS now protects my users’ data, boosts SEO, and builds trust. This guide made the process simple, and I hope it helps you secure your app too.
FAQs
Q: Why do I need an SSL certificate for my Laravel app?
A: SSL enables HTTPS, encrypting data, protecting users, and improving SEO.
Q: Can I use a paid SSL certificate with Apache?
A: Yes, buy from providers like DigiCert and configure it in your virtual host.
Q: What if my domain isn’t pointing to my server?
A: Update your A record to your server’s public IP and wait for DNS propagation.
Q: Why does my site show “Not Secure” after SSL setup?
A: Ensure the certificate is installed correctly and all resources load over HTTPS.
Q: How do I renew my Let’s Encrypt certificate?
A: Certbot automates renewals. Test with sudo certbot renew --dry-run.
You might also like :
- Read Also: Secure Laravel 12 with HTTPS and SSL Certificate
- Read Also: How to Install MySQL Workbench on Ubuntu
- Read Also: How to Install php-zip Extension in Ubuntu 24.04
- Read Also: How To Upgrade From Ubuntu 18.04 to 20.04
Techsolutionstuff | The Complete Guide
I’m a software engineer and the founder of techsolutionstuff.com. Hailing from India, I craft articles, tutorials, tricks, and tips to aid developers. Explore Laravel, PHP, MySQL, jQuery, Bootstrap, Node.js, Vue.js, and AngularJS in our tech stack.
RECOMMENDED POSTS
FEATURE POSTS
TOOLS
POPULAR TAGS
RECENT POSTS
-
1
-
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10








Comments