(13 votes, average: 5.00 out of 5)
Loading...How to Install SSL Certificate on Apache Ubuntu Server?
(13 votes, average: 5.00 out of 5)Loading...
The process of installing an SSL certificate on an Ubuntu server is straightforward and can be completed in a few simple steps.
Before you begin, purchase a trusted SSL certificate from a reputable provider. Once you have your certificate, you can use the terminal on your Ubuntu server to install and configure it.
In this guide, we will walk you through how to install an SSL certificate Ubuntu. Let’s get started.
Start with Generating a CSR for the Apache Ubuntu Server
The first step is to generate a CSR code, also known as a Certificate Signing Request. This request is sent to a Certificate Authority (CA) to apply for a digital certificate for your website.
There are two options available:
- Utilize a CSR Generator Tool to create the CSR automatically
- Manually generate the CSR on Ubuntu
Once the CSR is generated, it should be saved in a text editor such as Notepad and submitted to the Certificate Authority during the order process. After the CA validates the request and issues the SSL certificate, you can move on to installing it on your Ubuntu server.
Steps to Install SSL Cert on Ubuntu Server with Apache2
To ensure a seamless installation of your SSL certificate on Ubuntu or Ubuntu enable SSL, follow these steps carefully:
Step 1: Copy your Certificate Files to your Server
Once the validation process is completed, the Certificate Authority will send the SSL certificate files to you via email. Download the archived folder, extract the server and intermediate certificates or CA Bundle, and upload them to your Ubuntu server in a specific directory.
Ensure you have the following files ready for upload:
- certificate.crt
- Ca-bundle.crt
- Private.key
By default, the directory for your certificate.crt and ca_bundle.crt files is /etc/ssl/ and for your private.key file is /etc/ssl/private/.
Step 2: Edit the Apache.config file
The Apache.config file is usually located in /etc/apache2/sites-enabled/your_site_name. If you can’t find it there, run the following command:
sudo a2ensite your_site_nameThen open the Apache.config file with a text editor of your choice.
Note: if you want to access your site through both HTTP and HTTPS, you need to have two separate files in the sites-enabled folder, one for port 80 (HTTP) and another for port 443 (HTTPS).
Also Read: Port 80 (HTTP) vs. Port 443 (HTTPS)
Step 3: Configure the Virtual Host Block
This will make your site accessible only through the secure HTTPS protocol. Your default Virtual Host block should look like this:
DocumentRoot /var/www/site
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/yourdomain.crt
SSLCertificateKeyFile /path/to/yourdomain.ke
SSLCertificateChainFile /path/to/yourdomain.crtMake sure to adjust the Virtual Host block based on your SSL certificate details:
- In the SSLCertificateFile parameter, update the location of your SSL certificate file
- In the SSLCertificateKeyFile parameter, provide the location of the private key file created during the CSR generation
- In the SSLCertificateChainFile parameter, provide the location of the intermediate certificate file or CA Bundle
Note: If the SSLCertificateFile directive doesn’t work, use the SSLCACertificateFile instead.
Verify the Virtual Host block, and save the .config file.
Step 4: Test the .config File
Run the apachectlConfigtest command to test your .config file for potential errors. If there is an issue with the configuration, go back and repeat the previous steps. If it works correctly, proceed to the final step.
Step 5: Restart Apache
Use the apachectl stop and apachectl start commands to restart Apache.
Done Installation
Great job! Your SSL certificate has been successfully installed on your Ubuntu server. To ensure your SSL installation is valid, utilize SSL tools that offer immediate status updates.
