1. Copy the Certificate files to your server.
Download your SSL Certificate file from your SSL Provider, then copy them to the directory on your server where you will keep your certificate and key files. Make them readable by root only.
2. Install Mod SSL
In order to set up the self-signed certificate, we first have to be sure that mod_ssl
, an Apache module that provides support for SSL encryption, is installed the server:
yum -y install httpd mod_ssl
sudo systemctl enable httpd.service
systemctl start httpd.service
3. Set Up the Certificate
First copy your certificate file in /etc/ssl/private
mkdir -p /etc/ssl/private
chmod 700 /etc/ssl/private
The next thing to do is to set up the virtual hosts to display the new certificate.
sudo vi /etc/httpd/conf.d/ssl.conf<VirtualHost *:443>
DocumentRoot /var/www/html
ServerName www.example.com
SSLEngine on
SSLCertificateFile /etc/ssl/private/certificate.crt
SSLCertificateKeyFile /etc/ssl/private/private.key
</VirtualHost>
When you are finished making these changes, you can save and close the file.
Adjust the file names to match your certificate files:
- SSLCertificateFile should be your certificate file (eg. your_domain_name.crt).
- SSLCertificateKeyFile should be the key file generated when you created the CSR.
4. Redirect to HTTPS
To redirect all traffic to be SSL encrypted, create and open a file ending in .conf
in the /etc/httpd/conf.d
directory:
sudo vi /etc/httpd/conf/httpd.conf<VirtualHost *:80>
ServerName www.example.com
Redirect "/" "https://www.example.com/"
</VirtualHost>
Save and close this file when you are finished.
5. Test your Apache config before restarting.
apachectl configtest
Restart Apache.
systemctl restart httpd
Now, you are ready to use the SSL certificate with your Apache-SSL server.