Blog

How to: Configure SSL for your Apache Web-APP

by
  1. Download and Collect Certificate and Key file from your SSL provider 
  2. Certificate files can be found in the following format
    1. .pem or .crt extension
    2. Main certificate files, intermediate certificate files and CA root certificate files (collect all of them)
  3. Key files can be found in the following format
    1. .pem or .key extension

There are 2 ways to configure SSL in Apache with separate certificate file and one with combined certificate file, let’s go through one of them 

  • Combined certificate file 
    1. Let’s put all certificate and key files in “etc/apache2/ssl” folder 
    2. Let’s Assume file names are
      12345678.crt
      gd-g1-g2-bundle.crt
      1234568.key
    3. In this case, 12345678.crt is the main certificate file and gd-g1-g2-bundle.crt contains intermediate and root certificate files. 
    4. Let’s combine them with the following command 
cd /etc/apache2/ssl
cat 12345678.crt gd-g1-g2-bundle.crt >> combined_certificate.crt

Our certificate and key files are ready, let’s configure apache now 

Go to Apache configuration folder

cd /etc/apache2/sites-available

You will find a file with name “default-ssl.conf” (if it is not there don’t worry, create a file with this name, and add following content into it ) 

<IfModule mod_ssl.c>
    <VirtualHost _default_:443>
        ServerAdmin webmaster@localhost
 
        DocumentRoot /var/www/html
 
        ServerName example.com
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/combined_certificate.crt
        SSLCertificateKeyFile /etc/apache2/ssl/1234568.key
 
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
 
    
 
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                SSLOptions +StdEnvVars
        </Directory>
 
        
 
    </VirtualHost>
</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Replace the server name with your domain name. 
Replace SSL certificate path if needed

Save above file and fire following command 

a2enmod ssl
a2ensite default-ssl.conf
service apache2 restart
service apache2 status

Visit your website on domain name and check if it has configured well and running. 

Post Views: 2,128

Related Posts:

Leave a Comment