Get your FREE copy of "The Ultimate Guide of SSL"

Download Ebook

How to Install SSL Certificate on Apache Web Server

Steps to Install SSL on Apache Web Server

Initial Instructionapache web server.

Please complete this checklist before installing SSL Certificate on the Apache Webserver

  • Buy/renew SSL Certificate
  • Generate CSR with SHA-2 algorithm
  • Save the CSR & Private key file on your server directory
  • Submit SSL issuance Documents as per CA’s requirement (Only for OV & EV Certificate issuers)

Step 1: Save SSL Certificate Files

After payment and document verification process you will receive certificate files (server certificate, root certificate and intermediate certificate) via email. Store these files on your apache server directory.

For Example – The location on SSL key file is /etc/ssl/ssl.key and the location of the Server Certificate and CA-Bundle Files is – /etc/ssl/ssl.crt)

Step 2: Download CA bundle Files

CA-bundles are required to install SSL Certificate. CA-Bundle files could be different based on the type of your SSL certificate (Either Domain, Organization or Extended Validation SSL certificate). Visit your SSL Certificate authority website for CA bundle files.

Step 3: SSL Configuration file (HTTPD.CNF) modification

Perform these steps for Apache Server SSL Configuration on .conf file and Virtual Host file.

  • Open the cnf file using any text editor (E.G Notepad).
  • In the virtual host section add the following lines to add information about the domain which you wish to secure using SSL certificate.
    • SSLEngine on
    • SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
    • SSLCertificateFile /etc/ssl/ssl.crt/domain.crt
    • SSLCertificateChainFile /etc/ssl/ssl.crt/domain.ca-bundle

For older apache version use SSLCACertificateFile instead of SSLCertificateChainFile.

  • SSLProtocol all
  • SSLHonorCipherOrder On (Ciphers use order in server)
  • SSLCipherSuiteECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS (To set up the priority to the strong ciphers & also disabling the weak ciphers as well.)
  • Save the cnf file.
  • Restart your Apache Server.

You can also apply the following commands to restart Apache

/usr/local/apache/bin/apachectl startssl
/usr/local/apache/bin/apachectl restart

Your SSL Certificate is now installed on your Apache.

Note: File names such as server.key, domain.crt, and domain.ca-bundle are used for illustration purposes only. You have to use your own certificate file names.

Resources and Other Installation Guides

95%
OFF

comodo-square-logo

Comodo Positive SSL

$6.55

Vendor Price: $41.73

Coupon Code: ASCSCPSSL4

Get It Now

78%
OFF

rapidssl-coupon-square-logo

RapidSSL Certificate

$13.45

Vendor Price: $69

Coupon Code: ASRSRSSL2

Get It Now

95%
OFF

comodo-square-logo

Comodo PositiveSSL Multi-Domain

$17.54 – 2 SAN Included

Vendor Price: $41.73

Coupon Code: ASCSCPMD4

Get It Now

AboutSSL’s Best Stuff

Compare Best SSLs

Choose Your Best SSL

SSL Installation Guide

s

Fix SSL Errors

SSL Coupons

Disclosure: AboutSSL appreciates your continuous support. It helps us tremendously to keep moving in the competitive SSL industry. Here most of the links which direct you to buy any SSL/TLS related service or products earns us a certain percentage of referral commission. Learn More