How to Install SSL Certificate on Ubuntu Server using Apache
Steps to Install SSL Certificate on Ubuntu Server using Apache
Before you start SSL certificate installation, please complete the following processes.
- Buy/renew SSL Certificate
- Generate CSR with SHA-2 algorithm
- Save the CSR & Private key file on your server
- Apply for SSL Certificate Issuance
- Submit SSL Certificate issuance documents as per CA’s requirement (Only for Extended & Organization Validation)
Step 1: Store SSL certificate Files
- After verifying your documents your CA will issue your SSL certificate and send it via email.
- This email contains primary, root and intermediate certificate files included into a zip file.
- Download that zip file and extract it on your server where you wish to put all your certificate files.
Step 2: Edit Apache.config File
- You will find Apache.config file on /etc/apache2/sites-enabled/Domain_name location, or else type
sudoa2ensite Domain_name command to find it.
- Open Apache.config file using a text editor.
- Find the <VirtualHost>
- If you wish to make your website accessible using both secured (https) and non-secured (
http), then you require 2 separate files in /etc/apache2/sites-enabled/ directory. Here on file will be for port number 80 and other one will be for port number 443.
- If you only required to access your website with only secured (https) way then perform step 3 operations.
Step 3: Configure <VirtualHost> Section
- Configure the <VirtualHost> section with the following piece of code:
<VirtualHost 192.168.0.1:443> DocumentRoot /var/www/ SSLEngine on SSLCertificateFile /path/to/Domain-Name.crt SSLCertificateKeyFile /path/to/Private.Key SSLCertificateChainFile /path/to/Intermediate.crt </VirtualHost>
SSLCertificateFile = Primary SSL Certificate file
SSLCertificateKeyFile = Private Key file (Generated During CSR creation process)
SSLCertificateChainFile = Intermediate Certificate file provided by your certificate authority (CA)
- Save the Apache.config file.
- Now test your Apache.config file using
- Restart Apache using
apachectl stop apachectl start