Installing an SSL Certificate: Apache & mod_ssl

1. First of all, extract all the contents of the email that was sent to you. We recommend each block saved as certificate.crt for the first block (either PEM or PKCS7), bundle.crt for the third block (intermediate) and root.crt for the last block (root).

2. Move all of the certificate related files to their appropriate directories on your server.

For example:

  • Move the private key that was generated earlier to the ssl.key directory, which is typically found in /etc/ssl/. This must be a directory which only Apache can access. 
  • Move the yourDomainName.crt and yourDomainName.ca-bundle to the ssl.crt directory, which is often found in the /etc/ssl/ directory.

3. Edit the file that contains the SSL configuration with your text editor.

Apache Configuration File:

Fedora/CentOS/RHEL: /etc/httpd/conf/httpd.conf

Debian and Debian based: /etc/apache2/apache2.conf

SSL Configuration File:

Some possible names:
httpd-ssl.conf
ssl.conf
In the /etc/apache2/sites-enabled/ directory.

Please note that you may need to refer to your distribution"s documentation on Apache and SSL.

4. In the VirtualHost section of the file, add these directives:

SSLEngine on
SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt
SSLCertificateChainFile /etc/ssl/ssl.crt/yourDomainName.ca-bundle
***Please us SSLCACertificateFile instead of SSLCertificateChainFile on Apache v1.x

5. Finally, save your config and restart the Apache service.

Is article helpful?