Creating a self-signed SSL certificate

Preliminary Steps

- Install apache (sudo apt-get install apache2)

Run the SSL certificate generating script

/usr/sbin/apache2-ssl-certificate -days 365

An alternative is to modify the /usr/sbin/apache2-ssl-certificate script itself. If you open this script with an editor, you can see that it's just a thin shell over native openssl commands. Make a backup of this script first. You'll see a portion in it that looks like this:

export RANDFILE=/dev/random
openssl req $@ -config /usr/share/apache2/ssleay.cnf \
-new -x509 -nodes -out /etc/apache2/ssl/apache.pem \
-keyout /etc/apache2/ssl/apache.pem
Change it to this if you want your self-signed certificate to last a full year:
export RANDFILE=/dev/random
openssl req $@ -config /usr/share/apache2/ssleay.cnf \
-new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem \
-keyout /etc/apache2/ssl/apache.pem

apache2-ssl-certificate

Enable SSL

a2enmod ssl

Establish a necessary symlink

cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
ln -s /etc/apache2/sites-available/ssl /etc/apache2/sites-enabled/ssl

Set up the document roots

cd /var/www
mkdir html
cd /var
mkdir www-ssl
cd www-ssl
mkdir html

Configure virtual hosts

To configure HTTP over port 80 (edit /etc/apache2/sites-available/default):

NameVirtualHost *:80
(Note: Look down just a bit and make a change to the virtual host settings.)
<VirtualHost *:80>
ServerName localhost
DocumentRoot /var/www/html
(Note: If you have an assigned IP or DNS name, use it followed by ":80" for ServerName.)

Similar procedure for HTTPS over port 443 (edit /etc/apache2/sites-available/ssl):

NameVirtualHost *:443
(Note: Look down just a bit and make a change to the virtual host settings.)
<VirtualHost *:443>
ServerName localhost
DocumentRoot /var/www-ssl/html
(Note: Again, if you have an assigned IP or DNS name, use it followed by ":443" for ServerName.)

Instruct apache2 to listen to 443

Open /etc/apache2/ports.conf and add the following to it:

Listen 443



I noted with Ubuntu 7.10, the ports.conf may already have an IfModule clause in it for the SSL portion:

<IfModule mod_ssl.c>
    Listen 443
</IfModule>

Turn on the SSL engine

In the middle of /etc/apache2/sites-available/ssl file, after the commented area which says "# Possible values include: debug, info, notice, warn, error, crit..." add the following:

SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem

Make an /etc/hosts tweak (if need be) -- and restart apache

When starting and stopping Apache there may be a complaint such as "Could not determine the server's fully qualified domain name, using 127.0.1.1 for ServerName". You may encounter this if you don't have a DNS name for your server, and are just using a dynamic IP. If this applies to you, go into your /etc/hosts file and make the following changes. Basically, we'll be adding "localhost.localdomain" to the 127.0.0.1 IP and whatever system name you chose when you installed Ubuntu (assuming you've not changed it). The final line below should be there if you have a static IP, and corresponding DNS name registered to it. If this is the case, earlier steps that wanted ServerName should have a value which corresponds to the DNS name also indicated here.

127.0.0.1 localhost localhost.localdomain {your system name}
127.0.1.1 {your system name}
{static IP if you have one} {fully qualified DNS host name if you have one}



It may be that I first noticed additional behavior with Ubuntu 8.04 Hardy Heron. If you don't have a fully qualified domain name (FQDN) for your box, you may need to make an additional tweak. In your /etc/apache2/apache2.conf file, you may want to add the following line at the very end of the file if apache is still complaining about lacking a fully qualified domain name at startup:

ServerName localhost



Restart apache.

cd /etc/init.d
./apache2 restart
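
Because the script runs openssl with -nodes and writes the certificate and the private key into the same apache.pem, the key is stored without a passphrase and file permissions are its only protection. The following check is an added example, not part of the original article or of the apache2-ssl-certificate script: it audits such a combined PEM for permissions, remaining validity and key/certificate match. The function names, the -subj and -newkey options used to build a constructed sample file, and the 30-day default threshold are assumptions.

```shell
#!/bin/sh
# Added example: audit a combined certificate+key PEM such as the
# /etc/apache2/ssl/apache.pem file this howto creates.

# Build a constructed sample the way the page's script does: -new -x509 -nodes
# with -out and -keyout pointing at the same file. -subj and -newkey are
# assumptions that replace the interactive ssleay.cnf prompts.
make_sample_pem() {  # usage: make_sample_pem FILE DAYS
    openssl req -new -x509 -nodes -newkey rsa:2048 -days "$2" \
        -subj "/CN=localhost" -out "$1" -keyout "$1" 2>/dev/null
}

# Octal permission bits (GNU stat first, BSD stat as fallback).
pem_mode() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# True when the file holds a private key with no passphrase (what -nodes does).
key_is_unencrypted() {
    grep -q 'PRIVATE KEY-----' "$1" && ! grep -q 'ENCRYPTED' "$1"
}

# True when group and other have no access to the file.
owner_only() { case "$(pem_mode "$1")" in *00) return 0 ;; *) return 1 ;; esac; }

# True when the certificate is still valid SECONDS from now.
valid_for() { openssl x509 -in "$1" -noout -checkend "$2" >/dev/null; }

# True when the private key and the certificate carry the same public key.
key_matches_cert() {
    [ "$(openssl x509 -in "$1" -noout -pubkey)" = "$(openssl pkey -in "$1" -pubout)" ]
}

# Print findings for one PEM; return the number of problems found.
audit_pem() {  # usage: audit_pem FILE [MIN_DAYS_LEFT]
    problems=0
    if key_is_unencrypted "$1" && ! owner_only "$1"; then
        echo "WARN: unencrypted key readable beyond owner (mode $(pem_mode "$1"))"
        problems=$((problems + 1))
    fi
    if ! valid_for "$1" $(( ${2:-30} * 86400 )); then
        echo "WARN: certificate expires within ${2:-30} days"
        problems=$((problems + 1))
    fi
    key_matches_cert "$1" || { echo "WARN: key/cert mismatch"; problems=$((problems + 1)); }
    return "$problems"
}
```

Source the file and run audit_pem /etc/apache2/ssl/apache.pem as root; if it reports the permission warning, chmod 600 on the file clears it.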



Original article:
Creating a self-signed SSL certificate: Ubuntu
