Paul's Programming Notes PostsRSSGithub

Enabling SSL On Apache

This is a quick overview of the process of adding an SSL certificate to apache (for next time…):

  1. Generate your private key and CSR with:

    openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
    
  2. Request your certificate
  3. Save requested certificate onto server in a .crt file
  4. Download the intermediary/root cert from http://www.symantec.com/page.jsp?id=roots
  5. Make your site file in /etc/apache2/sites-enabled/ look like this:
<VirtualHost *:443>

    SSLEngine On
    SSLCertificateFile /home/youruser/yourdomain.crt
    SSLCertificateKeyFile /home/youruser/yourdomain.key
    SSLCACertificateFile /var/www/verisign.crt

    ServerName www.yourdomain.com

    DocumentRoot /var/www/yourdomain

An explanation of each of those certificates:

  • SSLCertificateFile - This is the certificate you received after your request.
  • SSLCertificateKeyFile - This is the private key you generated in step 1.
  • SSLCACertificateFile - This is the intermediary cert you downloaded from verisign.