//啟動 SSL 模組
sudo a2enmod ssl

//產生私密金鑰 (Private Key)
openssl genrsa -out server.key 2048
//產生憑證申請檔 (Certificate Signing Request)
openssl req -new -key ./server.key -out server.csr

// 國碼
Country Name (2 letter code) [AU]:TW
//國名
State or Province Name (full name) [Some-State]:Taiwan
//城市名
Locality Name (eg, city) []:Taipei
//組織名稱
Organization Name (eg, company) [Internet Widgits Pty Ltd]: XXXXX Co., Ltd
//部門名稱
Organizational Unit Name (eg, section) []: IT
//申請憑證名稱
Common Name (eg, YOUR name) []:www.xxx.com.tw
//聯絡信箱
Email Address []:.

//以下選填
Please enter the following 'extra' attributes
to be sent with your certificate request
//憑證密碼
A challenge password []:.
//公司名稱
An optional company name []:.

接著用憑證申請檔去申請憑證
申請好憑證後接著將憑證安裝在 apache 上面

sudo vi /etc/apache2/sites-available/default-ssl.conf

#憑證路徑
SSLCertificateFile       /etc/apache2/SSL/XXX.crt
#私鑰路徑
SSLCertificateKeyFile    /etc/sapache2/SSL/server.key
#SSL伺服器數位憑證/中間憑證路徑
SSLCertificateChainFile  /etc/apache2/SSL/SectigoRSADomainValidationSecureServerCA.crt

//重新啟動 apache
sudo /etc/init.d/apache2 restart