To complete SSL certificate installation on the Apache server, you need below 3 keys.
- SSLCertificateKeyFile: Server private key created with CSR key
- SSLCertificateFile: Your Certificate Issuer will provide domain certificate signed for your domain name only.
- SSLCertificateKeyFile: Publicly trusted SSL certificate issued by Certificate Authorities.
- Download/copy SSL certificate code received from Certificate Issuer and save file as mydomain.crt
(-----BEGIN CERTIFICATE----- XXXXXXX -----END CERTIFICATE-----)
- Get certificate issuer intermediate and root certificates. Contact your ssl certificate issuer to get correct version. Save file as rootca.crt
- Upload both certificate files on server
(/path/to/mydomain.crt and /path/to/rootca.crt)
- Login server and find Apache Configuration file (httpd.conf) to edit.
General installation find apahce configuration files in /etc/httpd and the main configuration file is named as httpd.conf. You should edit
- Identify the <VirtualHost> block to configure ssl certificate. Below is very simple example of virtual host configuration.
<VirtualHost 192.168.0.1:443> DocumentRoot /var/www/yourdomain ServerName www.yourdomain.com SSLEngine on SSLCertificateChainFile /path/to/rootca.crt SSLCertificateFile /path/to/mydomain.crt SSLCertificateKeyFile /path/to/private.key </VirtualHost>
You should configure a new virtual host for each new website and sub-domains.
- Command to test Apache config before restarting.
- Restart Apache service to activate SSL certificate installation changes. Command to restart Apache service.
apachectl stop apachectl start