How to install SSL in apache linux Servers

Posted in Tutorial May 14, 2018


This is a quick tutorial how you can install ssl in apache servers running  linux operating systems ( centOS , ubuntu etc ). The process is very simple as it sounds , you just need to setup SSL keys to your servers , infact thats all we need to do to install SSL ( Secure Shocket Layer ) certificates in any websites hosted in linux Apache Servers , the process is pretty simple , we will be providing step by step process to install ssl in apache, Before you start the process , You should know following files to proceed further and should have little idea about:.
  • Certificate Signing Request ( CSR ) used to request server certificate from Commercial SSL providers or Self Signed Certificate eg. domain.csr
  • Private Key , which is generated along with CSR eg. domain.com.key
  • Certificate from SSL provider or Self Signed Certificate eg. domain.com.crt
  • Certificate Authority Certificate which comes along with Server Certificate , eg. domain.com-ca.crt
Now you have ideas about these files , we are ready to proceed further , and follow the  steps , we are assuming you already have openssl installed and install ssl in Apache running on Linux servers

Step 1: Login into your Server and to website directory from your console , this can be different as per your configuration , i am taking a simple example for basic Apache configuration

#ssh root@domain.com

#mkdir  /etc/httpd/certs/

#mkdir /etc/httpd/certs/sslkeys 

#cd /etc/httpd/certs/sslkeys

Step 2: Now you should be in ssl-keys folder and generate a CSR key which will generate domain.CSR and domain.KEY files and use the command.
#openssl req -new -newkey rsa:2048 -nodes -keyout domain.com.key -out domain.com.csr
Step 3: You should have two keys now and copy the Content of domain.com.csr
#vim domain.com.csr
Step 4: Now go to any SSL Providers like RapidSSL , Godaddy etc . Once you put in CSR key content , you should get two files emailed to your email once you complete the steps .
# domain.com.crt
# domain.com.ca.crt
Step 4 : Now Your have all required four files, though .csr file will no longer be used as its task is completed,so , basically you need three keys  and copy those files to the ssl-keys folder and follow the steps below.
#yum install mod_ssl -y
#cp domain.com.crt domain.com.ca.crt /etc/httpd/certs/sslkeys
Step 5 : Now you need to configure ssl.conf file which is located in /etc/httpd/conf.d/ssl.conf and make sure you add the following code , replace domain.com with respective domain name.
# vi /etc/httpd/conf.d/ssl.conf
<VirtualHost *:443> 
    DocumentRoot /var/www/domain.com/public_html 
    ServerName domain.com 
    ServerAlias www.domain.com
    SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW 
    SSLCertificateFile /etc/httpd/certs/sslkeys/domain.com.crt 
    SSLCertificateKeyFile /etc/httpd/certs/sslkeys/domain.com.key 
    SSLCACertificateFile  /etc/httpd/certs/sslkeys/domain.com.ca.crt 
<Directory /var/www/domain.com/public_html> 
    AllowOverride All 
</Directory> 
</VirtualHost>
step 6: Once every this is all set up just just restart your apache service and you are good to go and test with your website and install ssl in apache is completed
# systemctl restart httpd.service
Step 7: go to browser and test if its working or not,





sangv. Info