Installing a SSL Certificate in Apache Server


Generating a CSR Certificate in Apache
1. First, begin with Copying the Certificate Files to your specific Server. This can be accomplished by Downloading the Intermediate and Primary Certificates which are saved as your_domain_name.crt. These files can be found in your Customer Area. Copy these to the directory on your Server in which you keep the certificates and key files; making sure they are readable by Root ONLY.

2. Next, Find the Apache Config File so that you can Edit it. The main configuration file is normally saved as httpd.conf or apache2.conf. The locations in which these files may be located include: /etc/httpd/ or /etc/apache2/. In many instances, the SSL Certificate Configuration may be located in < VirtualHost> block located in another configuration file. The configuration files may also be located in a directory like /etc/httpd/vhosts.d/, /etc/httpd/sites/ or located in another file such as httpd-ssl.conf. Here is an example of how to find the SSL Configuration on the Linux Distributions. You can do this by searching using grep. You can type the following command: grep -i -r "SSLCertificateFile" /etc/httpd/ where "/etc/httpd/" is the base directory for the Apache installation.

3. The Next step is to Identify the SSL < VitrualHost> block for configuration. In order to have your site be accessible through both non-secure and secure connections, you must have a virtual host for each connection type.

4. During this Step, how to Configure the < VitrualHost> block for the SSL-Enabled Site will be described. Here is an example of how to configure a virtual host for SSL. The bold portions are those parts that are required for SSL configuration. Make sure that you change the file names so that they correspond to your Certificate files.

< VirtualHost 192.168.0.1:443> DocumentRoot /var/www/html2 ServerName www.yourdomain.com SSLEngine on SSLCertificateFile /path/to/your_domain_name.crt SSLCertificateKeyFile /path/to/your_private.key SSLCertificateChainFile /path/to/DigiCertCA.crt < /VirtualHost>

NOTE: SSLCertificateFile should correspond to your certificate file which is identified as your_domain_name.crt. The SSLCertificateKeyFile is the Key file that was created when the CSR was created. The SSLCertificateChainFile is the Intermediate Certificate File.

5. Next, it is time to Test the Apache Configuration before Restarting or Rebooting your Server. It is important to check the Apache Configuration files for any errors or mistakes prior to rebooting the server. With Apache, it will not start again if the Configuration files have Syntax Errors. At this time run the following command: apachect1 configtest

6. Now, the next step is to Restart the Apache. You can use the following commands to stop and start Apache using SSL Support. For Apache Stop use the command: apachect1 stop; and for Apache Start use the command: apachect1 start.

Generating a CSR Certificate in Apache
Back To Guides