In order to provide Transport Layer Security (TLS), same as for its predecessor Secure Sockets Layer (SSL), it is not compulsory to use a digital certificate issued by one of the well-known (trusted) certification authorities (CA), in case when authentication of the server is not of a particular interest. The so-called self-signed certificate (i.e. an identity certificate signed by the same entity whose identity it should certify) is able to ensure that the connection is secure.
1) Generate self-signed certificate, depending on the particular server environment (e.g. using keytool).
2) Configure the server to serve the requests over HTTPS.
3) Inform the client about the need to whitelist the self-signed certificate.
apache2-ssl-certificate
a2enmod ssl
Listen 443
ServerName earth.my.flat
DocumentRoot /var/www/
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem