How to Install an SSL Certificate on Apache that run Ubuntu?
Last Updated :
01 Jul, 2024
This guide explains installing an SSL certificate on an Apache 2 server. It covers steps such as downloading and uploading the certificate file, configuring the necessary parameters on the Apache 2 server, and verifying the installation. Key parameters include the certificate file, certificate chain, and certificate key. Once the SSL certificate is installed, the Apache 2 server can be accessed via HTTPS, providing secure data transmission.
Prerequisites
Steps to install SSL Certificate on Apache server
Step 1: Download the certificate
- Log on to the Certificate Management Service console.
- In the left-side navigation pane, click SSL Certificates.
- On the SSL Certificates page, find the certificate that you want to manage and click Download in the Actions column.
- Find Apache in the Server Type column and click Download in the Actions column.
Download the Apache Server type certificate- CSR Generation parameters that you use when you submit the certificate application.
When set to Automatic:
- Certificate file in CRT format: The default file name is based on the domain name bound to the certificate, suffixed with `_public.crt`. This file contains the certificate encoded in Base64.
- Certificate chain file in CRT format: By default, named similarly to the certificate file, suffixed with `_chain.crt`.
- Private key file in KEY format: Defaults to the domain name bound to the certificate, in `.key` format.
When set to Manual:
- If you use a CSR generated through the Certificate Management Service console, the extracted certificate file from the package matches the one obtained automatically.
- If the CSR isn't created via the Certificate Management Service console, only the PEM certificate file can be extracted from the package. The password or private key files cannot be extracted directly. A certificate toolkit is recommended for converting these files into the required formats.
Step 2: Install the certificate on the Apache 2 server
- Run the following command to create a directory named ssl in the installation directory of Apache 2.
mkdir /etc/apache2/ssl
- Upload the certificate file and private key file to the certificate directory /etc/apache2/ssl of the Apache 2 server.
- Run the following command to enable the SSL module:
sudo a2enmod ssl
Enabling SSSL module- After you enable the SSL module, the SSL configuration file default-ssl.conf is generated in the /etc/apache2/sites-available directory.
Note: The default-ssl.conf file may be stored in the
`/etc/apache2/sites-available` or `/etc/apache2/sites-enabled` directory.
- The sites-available directory stores the configuration files of available virtual hosts.The sites-enabled directory stores the configuration files of enabled virtual hosts
- After you enable the SSL module, HTTPS port 443 is automatically enabled. If port 443 is not automatically enabled, you can add Listen 443 to the /etc/apache2/ports.conf configuration file to enable port 443.
- Modify certificate-related settings in the default-ssl.conf configuration file.
(a) Run the following command to open the default-ssl.conf file:
vim /etc/apache2/sites-available/default-ssl.conf
(b) Find the following parameters in the default-ssl.conf configuration file and modify the settings based on the following comments:
ServerName example.com # Replace example.com with the domain name that you bind to the certificate.
If the configuration file of your server does not contain this parameter, you must manually add this parameter.
SSLCertificateFile /etc/apache2/ssl/domain_name_public.crt # Specify the path to your certificate file.
SSLCertificateKeyFile /etc/apache2/ssl/domain_name.key # Specify the path to your private key file.
SSLCertificateChainFile /etc/apache2/ssl/domain_name_chain.crt # Specify the path to your certificate chain file.
- Command to map the default-ssl.conf configuration file to the /etc/apache2/sites-enabled directory to realize automatic association between the configuration file and the directory.
sudo ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/001-ssl.conf
- Run the following command to reload the Apache 2 configuration file:
sudo /etc/init.d/apache2 force-reload
Reload configuration file- Run the following command to restart the Apache 2 service:
sudo /etc/init.d/apache2 restart
Restart configurtion fileStep 3: Check whether the certificate is installed
- After you install a certificate, you can access the domain name that is bound to the certificate to verify whether the certificate is installed.
https://yourdomain # Replace yourdomain with the domain name that is bound to your certificate.
- If a lock icon appears in the address bar, the certificate is installed.
Certificate successfully installed
Similar Reads
How to Install an SSL Certificate on Apache? The Apache HTTP Server module mod_ssl provides an interface to the OpenSSL library, which provides Strong Encryption using the Secure Sockets Layer and Transport Layer Security protocols.What is Secure Sockets Layer (SSL)?The Secure Sockets Layer protocol is a protocol layer which may be placed betw
3 min read
How to Install and Customize Apache on Ubuntu or Debian? One of the most dominant forces in web server software is the Apache HTTP Server, often shortened to Apache. This free and open-source project, overseen by the Apache Software Foundation, has been a major player in shaping the Internet since its launch in 1995. Installing an Apache web server on Ubu
2 min read
How To Install apache2-dev on Ubuntu The Apache HTTP Server Project's purpose is to provide a standards-compliant open-source HTTP server that is secure, efficient, and extensible. As a result, it has long been the most used web server on the Internet. This package contains development headers and the apxs2 binary for the Apache 2 HTTP
3 min read
How to install and set up Apache Virtual Hosts on Ubuntu? Every website that is published on the Internet is housed on a web server (host), which is able to handle requests for web pages made by clients using browsers like Chrome, Firefox, or Internet Explorer and is connected to the network with a public IP address. Install a web server before hosting a w
4 min read
How to Install Apache with PHP-FPM on Ubuntu? The Apache HTTP Server is a free, open-source, cross-platform web server software. It is developed and maintained by Apache Software Foundation. Apache is the most widely used web server around the world. The vast majority of Apache HTTP server instances run on Linux distribution, but current versio
4 min read