After generating Certificate Signing Request (CSR) for Apache, the next step is to install an SSL certificate on Apache. To secure communication over the server, you need to install an SSL certificate properly on the server. In this helpful article, we will reveal about SSL certificate installation process on Apache & Mod_SSL.
Install SSL Certificate on Apache with Mod_SSL
- You will have a zip file usually sent by the certificate authority, this file contains the main certificate file and root and intermediate certificate files (CA Bundle). Extract these files to the server.
- First, move all-important files like a private key to ssl.key directory (created with the CSR) that can be found in /etc/ssl/.
- Now, move certificate file (mydomain.crt) and CA bundle (root and intermediate files) to ssl.crt directory that is also found in /etc/ssl/ directory.
- Now, open Apache httpd.conf file with text editor, notepad or, notepad++. You will have SSL configuration file with names like httpd-ssl.conf and ssl.conf in In the /etc/apache2/sites-enabled/ directory.
PS. It may happen that the location of the file may differ from each distribution. Look for the lines that begin with Include in Apache Global Configuration File.
- Go to Apache Configuration File. If you are using Fedora/CentOS/RHEL operating system, you will have below Apache configuration file:
- If you are using Debian and Debian based operating systems, you will have below Apache configuration file:
- You will have SSL configuration file with names like httpd-ssl.conf and ssl.conf in the /etc/apache2/sites-enabled/ directory.
- Browse the VirtualHost section of the file and add the below directives if they are not present.
SSLEngine on SSLCertificateKeyFile /etc/ssl/ssl.key/server.key SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt SSLCertificateChainFile /etc/ssl/ssl.crt/yourDomainName.ca-bundle ***
- You can see the below file in Apache 2.x version.
Apache 2.x: SSLEngine on SSLCertificateKeyFile /etc/ssl/ssl.key/server.key SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt SSLCertificateChainFile /etc/ssl/ssl.crt/yourDomainName.ca-bundle
- At last, save your config file and restart the Apache server.
We suggest you check your website using the SSL checker tool, it will help you find SSL errors.
- How to Fix “ERR_SSL_PROTOCOL_ERROR” on Google Chrome
- NET::ERR_CERT_COMMON_NAME_INVALID IN CHROME – How to Fix?
- Steps to resolve the ‘NET ERR_CERT_AUTHORITY_INVALID’ Error in Google Chrome
- How to Install SSL certificate on Oracle WebLogic Server?
- Install SSL Certificate on Microsoft IIS 10
- How to Install an SSL Certificate on Tableau Server
- How to Install SSL Certificate on Tomcat Web Server?