Knowledge Base

Install an SSL Certificate for Apache mod_ssl

Apache mod_ssl is a strong cryptographic method for securing Apache servers using SSL or TLS. This guide will walk you through the installation of your certificate.

These are the steps you need to follow to install SSL for Apache mod_ssl:

  1. Open the ZIP file that you received. Copy all of them to the server where you want to install the certificate.
    There will usually be two files there: yoursitename.crt and yoursitename.ca-bundle.
  2. Find the private key that you generated earlier. Move it to the ssl.key folder. You can usually find this folder in /etc/ssl/. Make sure that only Apache can access it.
  3. Transfer the yoursitename.crt and yoursitename.ca-bundle files to the ssl.crt folder. You can usually find it in the /etc/ssl/ folder.
  4. Open the file with the SSL configuration. Use a plain text editor for this.

    Apache Configuration File:
    Fedora/CentOS/RHEL /etc/httpd/conf/httpd.conf
    Debian and Debian based /etc/apache2/apache2.conf

    SSL Configuration File:

    Here are some sample names:
    • httpd-ssl.conf
    • ssl.conf
    • In the /etc/apache2/sites-enabled/ directory.

    NOTE: Please check the documentation for your distribution, especially concerning Apache and SSL. Alternatively, if necessary, consult the Apache Foundation's Apache2 Documentation.

  5. Find the section of the file relating to VirtualHost. Add the following folders if they are not there already. As always when adding new code, please comment out the already-existing commands and add the new ones.
    SSLEngine On
    SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
    SSLCertificateFile /etc/ssl/ssl.crt/yoursitename.crt
    SSLCertificateChainFile * /etc/ssl/ssl.crt/yoursitename.ca-bundle

    * - If you are using Apache 1.x then you will need to use SSLCACertificateFile, not SSLCertificateChainFile.


    NOTE: The paths given above are only examples. Your paths may be different and you should modify them accordingly.

  6. Save your changes to the configuration file. Then restart Apache.

Congratulations, you're done.

Did you find this article helpful?

* Your feedback is too short