Skip to content

Instantly share code, notes, and snippets.

@marlocorridor

marlocorridor/install-ssl-apache.md

Forked from ccschmitz/install-ssl-apache.md
Created June 12, 2020 06:50
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save marlocorridor/d50f1f7e1f5af8f2eef130d9d1b348cc to your computer and use it in GitHub Desktop.
Save marlocorridor/d50f1f7e1f5af8f2eef130d9d1b348cc to your computer and use it in GitHub Desktop.
Download ZIP
How to install an SSL certificate on an Apache server.
Raw
install-ssl-apache.md

Installing an SSL certificate on Apache

  1. Create a private key:
openssl genrsa 2048 > private-key.pem
  1. Create a Certificate Signing Request (CSR):
openssl req -new -key private-key.pem -out csr.pem
  1. When you get a response with your certificate, you'll need upload them to your server:
scp ./STAR_yourdomain_com/* yourdomain:/home/ubuntu/cert/new-cert

Note: This assumes there is a yourdomain alias in your ~/.ssh/config.

  1. Then you'll need to concatenate all the files to create your SSL bundle:
cat STAR_yourdomain_com.crt COMODORSAOrganizationValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-bundle.crt
  1. Configure Apache to work with the new files you created:
<VirtualHost *:443>
  ServerName *.yourdomain.com
  SSLEngine on

  SSLCertificateFile /home/ubuntu/cert/STAR_yourdomain_com.crt
  SSLCertificateKeyFile /home/ubuntu/cert/private-key.pem
  SSLCertificateChainFile /home/ubuntu/cert/ssl-bundle.crt
  SSLCACertificateFile /home/ubuntu/cert/AddTrustExternalCARoot.crt
</VirtualHost>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment