Paul's Programming Notes     Archive     Feed     Github

Enabling SSL On Apache

This is a quick overview of the process of adding an SSL certificate to apache (for next time...):
  1. Generate your private key and CSR with:
    openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
  2. Request your certificate
  3. Save requested certificate onto server in a .crt file
  4. Download the intermediary/root cert from
  5. Make your site file in /etc/apache2/sites-enabled/ look like this:
<VirtualHost *:443>

        SSLEngine On
         SSLCertificateFile /home/youruser/yourdomain.crt
         SSLCertificateKeyFile /home/youruser/yourdomain.key
         SSLCACertificateFile /var/www/verisign.crt


        DocumentRoot /var/www/yourdomain

An explanation of each of those certificates:
SSLCertificateFile - This is the certificate you received after your request.
SSLCertificateKeyFile - This is the private key you generated in step 1.
SSLCACertificateFile - This is the intermediary cert you downloaded from verisign.