The following instructions will guide you through the SSL Certificate installation process on Apache Servers (OpenSSL). If you have more than one server or device, you will need to install the certificate on each server or device you need to secure.
- Find the apache config file to edit
The main config file is typically named httpd.conf or apache2.conf and can be found either: /etc/httpd or: /etc/apache2/
Note: The SSL certificate config file can be located in a <VirtualHost> block in a different config file. You can always search for the SSL config file on Linux distributions using the following grep command:
grep -i -r "SSLCertificateFile" /etc/httpd/
- Configure the file and enter commands
Configure the httpd.conf file and enter the following command on your VirtualHost to successfully enable SSL:
- Make sure to adjust the file names to match your certificate files:
• SSLCertificateFile is your TrustCor certificate file (e.g., your_domain_name.crt).
• SSLCertificateKeyFile is the .key file generated when you created the CSR (e.g., your_private.key).
• SSLCertificateChainFile is the TrustCor intermediate certificate file (e.g., dv-ssl-chain.pem)
Note: As of Apache 2.4.8, the SSLCertificateChainFile directive was deprecated and SSLCertificateFile was extended to support intermediate certificates. Adding the intermediate certificate to the end of your certificate will create a chain file for your server.
- Run a test command to test your Apache configuration file
Run the following command to check your configuration file for any errors before restarting Apache.
Depending on your system, it will be apachectl configtest or apache2ctl configtest.
- Restart Apache
If successfully tested, restart Apache by running the following commands:
For older versions of Red Hat Enterprise Linux use init scripts as stated below:
service httpd restart
service apache2 restart
For Red Hat Enterprise Linux 7 or CentOS 7.0 use the following commands:
systemctl restart httpd.service
systemctl restart apache2.service
Your certificate should now be installed. You can navigate to your site in a web browser and view the certificate/site information to verify if HTTPS/SSL is working properly.