Paul Philippov

home is where ~/ is

How to install SSL certificate in Apache

Generate a secure key for the domain:

$ openssl genrsa -out domain.key 1024

Generate a self-signed certificate:

$ openssl req -new -x509 -days 365 -key domain.key -out domain.crt

Generate a signed request if you want to have a valid certificate:

$ openssl req -new -key domain.key -out domain.csr

Submit the request to SSL certificate provider. Get signed certificate and save it to domain.crt.

Next, set up Apache to utilize the certificate.

<VirtualHost *:443>
  ServerName             domain
  DocumentRoot           /srv/www/domain/public
  ErrorLog               /srv/www/domain/log/ssl_error.log
  CustomLog              /srv/www/domain/log/ssl_access.log combined
  SSLCertificateFile     /srv/www/domain/ssl/domain.crt
  SSLCertificateKeyFile  /srv/www/domain/ssl/domain.key
  SSLEngine              on
  SSLProtocol            all -SSLv2 -SSLv3 -TLSv1
  SSLCipherSuite         HIGH:!aNULL:!MD5

Published on January 01, 2013 (over 4 years ago)

Article tags: apache, linux, ssl