Install – Installing your Certificate on Apache with mod_ssl

Installing your Certificate on Apache with mod_ssl

Extract all of the contents of the ZIP file that was sent to you and copy/move them to your server. The extracted contents will typically be named: yourDomainName.crt and yourDomainName.ca-bundle

Note: If you received several .crt files in your ZIP file please use the “How do I do my own ca-bundle” article to make yourDomainName.ca-bundle

  1. Move all of the certificate related files to their appropriate directories.

    A typical setup:

    1. Move the Private Key that was generated earlier to the key directory, which is typically found in /etc/ssl/. This must be a directory which only Apache can access.
    2. Move the crt and yourDomainName.ca-bundle to the ssl.crt directory, which is typically found in the /etc/ssl/ directory.
  1. Edit the file that contains the SSL configuration with your favorite text editor.
    Examples: nano, vi, pico, emacs, mousepad, notepad, notepad++, etc.

Note: The location of this file may vary from each distribution. It will be referenced in the Apache global configuration file. Look for the lines starting with include.

Apache Configuration File:

  1. Fedora/CentOS/RHEL: /etc/httpd/conf/httpd.conf
  2. Debian and Debian based: /etc/apache2/apache2.conf

SSL Configuration File:

Some possible names:

  1. httpd-ssl.conf
  2. conf
  3. In the /etc/apache2/sites-enabled/

Note: If needed be please consult your distribuiton’s documentation on Apache and SSL or navigate to the Apache Foundation’s Apache2 Documentation.

  1. In the VirtualHost section of the file please add these directives if they do not exist. It is best to comment out what is already there and add the below entries.
  2. SSLEngine on SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
  3. SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt
  4. SSLCertificateChainFile /etc/ssl/ssl.crt/yourDomainName.ca-bundle ***

*** Apache 1.x:
Please use SSLCACertificateFile instead of SSLCertificateChainFile.

Note: The above paths in the directives are only used as examples. Your server may have a different path and may need to be modified to suit your needs.

  1. Save your config file and restart the Apache servi

Comments are closed.