Thursday, October 17, 2013

Enabling SSL On Apache


This is a quick overview of the process of adding an SSL certificate to apache (for next time...):
  1. Generate your private key and CSR with:
    openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
  2. Request your certificate
  3. Save requested certificate onto server in a .crt file
  4. Download the intermediary/root cert from http://www.symantec.com/page.jsp?id=roots
  5. Make your site file in /etc/apache2/sites-enabled/ look like this:
<VirtualHost *:443>


        SSLEngine On
         SSLCertificateFile /home/youruser/yourdomain.crt
         SSLCertificateKeyFile /home/youruser/yourdomain.key
         SSLCACertificateFile /var/www/verisign.crt

        ServerName www.yourdomain.com

        DocumentRoot /var/www/yourdomain


An explanation of each of those certificates:
SSLCertificateFile - This is the certificate you received after your request.
SSLCertificateKeyFile - This is the private key you generated in step 1.
SSLCACertificateFile - This is the intermediary cert you downloaded from verisign.

No comments:

Post a Comment