Setup SSL on the site on Linux Server

1. Copy the certificate files to the server

There should be 3 SSL files:

  • your_domain_name.crt
  • your_private.key
  • DigiCertCA.crt – This will be you chain file.

Note: Make them readable by root only to increase security.

2. Find the Apache configuration file (httpd.conf) you need to edit.

  • The name and location and name of the configuration file can vary from server to server—particularly if you’re using a special interface to manage your server configuration.
  • Apache’s main configuration file is typically named httpd.conf or apache2.conf. Possible locations for this file include /etc/httpd/ or /etc/apache2/.
  • Often, the SSL certificate configuration is located in a <VirtualHost> block in a different configuration file. The configuration files may be under a directory like /etc/httpd/, /etc/apache2/. In this directory, you need to find the conf file of the site like for site www.uksoccershop.com it will be uksoccershop.com.conf. You will find the <VirtualHost> tag in this file. In case the file uksoccershop.com.conf is not present you can use common file httpd.conf or apache2.conf

3. Identify the SSL <VirtualHost> block you need to configure.

Below is a very simple example of a virtual host configured for SSL. The parts listed in blue are the parts you must add for SSL configuration.

<VirtualHost 192.168.0.1:443>

DocumentRoot /var/www/html2

ServerName www.yourdomain.com

SSLEngine on

SSLCertificateFile /path/to/your_domain_name.crt

SSLCertificateKeyFile /path/to/your_private.key

SSLCertificateChainFile /path/to/DigiCertCA.crt

</VirtualHost>

 

4. Make sure to adjust the file names to match your certificate files.

 

SSLCertificateFile is your DigiCert certificate file (e.g., your_domain_name.crt).

 

SSLCertificateKeyFile is the .key file generated when you created the CSR (e.g., your_private.key).

 

SSLCertificateChainFile is the DigiCert intermediate certificate file (e.g., DigiCertCA.crt)

 

Note: If the SSLCertificateChainFile directive does not work, try using the SSLCACertificateFile directive instead.

 

5. Test your Apache configuration file before restarting.

As a best practice, check your Apache configuration file for any errors before restarting Apache.

Caution: Apache won’t start again if your configuration files have syntax errors.

 

Run the following command to test your configuration file (on some systems, it’s apache2ctl):

apachectl configtest

 

6. In case of no error please restart apache using below command

service apache2 restart

 

After restarting apache2, you can check whether your SSL is setup correctly or not using https://www.sslshopper.com/ssl-checker.html

Setup SSL on the site on Linux Server

the above screenshot, you have to verify that arrow should be green like above between server and chain. If there is no issue then your SSL is set up correctly.

Leave a Reply

Your email address will not be published. Required fields are marked *