Apache + ModSSL + OpenSSL

 

 Installing your Web Server Certificate

Your certificate will be sent to you by email. The email message includes the web server certificate that you purchased in the body of the email message.

Copy the certificate from the body of the email and paste it into a text editor (such as notepad) to create text files.

If you have not already set up a secure virtual host or would like to learn more about installing SSL, refer to the following link for more information:


http://www.linuxdoc.org/HOWTO/SSL-RedHat-HOWTO.html#toc4″

NOTE: The examples below use the following naming conventions: “Your Private Key” = “domainname.key”; “Your Web Server Certificate” = “domainname.crt”

  1. Copy the certificate to the Apache server directory in which you plan to store your certificates (by default: /usr/local/apache/conf/ssl.crt/ or /etc/httpd/conf/ssl.crt/).
    • 

NOTE: Copy the entire contents of the certificate from (and including) the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– lines.
  2. Open the httpd.conf file in a text editor.
  3. Locate the secure virtual host pertaining to your order. You should have the following directives within this virtual host. Please add them if they are not present:
    • SSLCertificateFile /usr/local/apache/conf/ssl.crt/domainname.crt (or server.crt)
    • SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/domainname.key (or server.key)
  4. Save the changes and exit the editor.
  5. Start or Restart your apache web server using one of the following commands:
    • By default on of these:
      • 
/usr/local/apache/bin/apachectl startssl
      • 
/usr/local/apache/bin/apachectl restart
    • Other commands:
      • /usr/sbin/httpd startssl or restart
      • /usr/sbin/httpsd startssl or restart

Test your certificate by using a browser to connect to your server. Use the https protocol directive (e.g. https://your server/) to indicate you wish to use secure HTTP.

NOTE: The padlock icon on your browser will be displayed in the locked position if your certificates are installed correctly and the server is properly configured for SSL.

 Posted by at 16:59