Installing your Certificate on Apache with mod_ssl
- Extract all of the contents of the ZIP file that was sent to you and copy/move them to your server. The extracted contents will typically be named: yourDomainName.crt and yourDomainName.ca-bundle
- Move all of the certificate related files to their appropriate directories.
A typical setup:
- Move the Private Key that was generated earlier to the ssl.key directory, which is typically found in /etc/ssl/. This must be a directory which only Apache can access.
- Move the yourDomainName.crt and yourDomainName.ca-bundle to the ssl.crt directory, which is typically found in the /etc/ssl/ directory.
- Edit the file that contains the SSL configuration with your favorite text editor.
Examples: nano, vi, pico, emacs, mousepad, notepad, notepad++, etc.
Note: The location of this file may vary from each distribution. It will be referenced in the Apache global configuration file. Look for the lines starting with include.
Apache Configuration File:
Debian and Debian based: /etc/apache2/apache2.conf
SSL Configuration File:
Some possible names:
- In the /etc/apache2/sites-enabled/ directory.
Note: If need be please consult your distribuiton's documentation on Apache and SSL or navigate to the Apache Foundation's Apache2 Documentation.
- In the VirtualHost section of the file please add these directives if they do not exist. It is best to comment out what is already there and add the below entries.
- SSLEngine on
- SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
- SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt
- SSLCertificateChainFile /etc/ssl/ssl.crt/yourDomainName.ca-bundle ***
- Save your config file and restart the Apache service.
Please use SSLCACertificateFile instead of SSLCertificateChainFile.
Note: The above paths in the directives are only used as examples. Your server may have a different path and may need to be modified to suit your needs.