(6 votes, average: 4.83 out of 5)
Loading...
Ready to secure your Apache web server like a pro? It is a breeze to install SSL Certificate on Apache with our step-by-step guide. No more worrying about cyber threats; encrypt your website with ease and take control of your online security.
Before Generating CSR and Installation, you need to Purchase SSL Certificate!
~ Starts at Just $3.99
Creating a CSR on Apache is a crucial step in acquiring an SSL certificate. This small text file contains information about your domain and/or company and must be submitted to the Certificate Authority (CA) during the SSL application process.
You have two options to generate the CSR: automatically using a CSR Generator or manually generating it. Once the CA has signed and sent the SSL Certificate, you can proceed with the installation on your Apache server.
Also Read: How to Install an SSL in Apache OpenSSL?
Once the CA has signed and sent the SSL Certificate, you can proceed with the installation on your Apache server. These are the steps.
Retrieve and unzip the following files from the zip folder provided by your Certificate Authority:
Failure to include the chain of intermediate and root certificates may result in your site being marked as insecure.
Tip: If the CA bundle certificates are in separate files, upload them to your server and use the following command to create a single CA bundle file:
cat CERTERARSADomainValidationSecureServerCA.crt CERTERARSAAddTrustCA.crt AddTrustExternalCARoot.crt >> bundle.crt
This example is for a Certera SSL certificate.
To edit the Apache configuration, you need to find the correct file. The location of the file may vary depending on the server and operating system version.
Common directories to search in include: etc/httpd/, /etc/apache2/ or /etc/httpd/conf.d/ssl.conf.
Please Note: If you are using an Apache server running on Ubuntu OS, you should use the specific SSL installation instructions for Ubuntu.
To proceed with the installation you need to make changes to the Virtual Host section of the Apache configuration file. Before making any changes, it’s advisable to back up the existing configuration file. Simply copy the *.conf file and rename it to *.conf_backup.
Now, you’re ready to edit the Virtual Host. A sample Virtual Host looks like this:
<VirtualHost *:443>
ServerAdmin [email protected]
DocumentRoot /var/www/
ServerName example.com
ErrorLog /var/log/apache2/error.log
SSLEngine on
SSLCertificateFile /etc/ssl/certs/example.crt
SSLCertificateKeyFile /etc/ssl/private/example.key
SSLCertificateChainFile /etc/ssl/certs/example.ca-bundle
</VirtualHost>
Note: The Virtual Host directive should specify port 443 to listen to encrypted HTTPS traffic, and the SSLEngine directive should be set to on to enable SSL encryption. The SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile directives should specify the location of your SSL certificate, private key, and CA bundle files, respectively.
The attributes in bold need to be updated with the details of your SSL certificate files. Make sure there are no comment signs ‘#’ before the attributes, if there are, uncomment them.
Replace the file names with the location and names of your SSL certificate files:
Now that you have finished editing the Apache configuration file, it’s time to save your changes and restart the server. To do so, run one of the following commands:
If you encounter any issues during the restart process, don’t worry! You created a backup of the configuration file in step 3, so all you have to do is delete the modified file and revert to the backup. Then, repeat the installation process.
If everything goes smoothly, your apache SSL installation is done.
After completing the SSL installation on Apache, utilize one of the top SSL tools available to assess the status of your installation. These quick scans will uncover any errors or security weaknesses that could hinder the performance of your certificate.
CheapSSLWeb is your one-stop shop for the Best SSL Certificates with unbeatable prices and top-notch security features, you can protect your website without breaking the bank.