How to Install Positive SSL Certificate for Website Hosted on VPS

By
Nishant Kumar
-
0
How To Install Positive SSL Certificate For Website Hosted On VPS - techinfoBiT
Image Source: Pixabay.com

Earlier I had posted about the CSR(Certificate Signing Request) and it’s generation process. Now I hope you already have CSR and its time to install Positive SSL on the website. The Installation of positive SSL certificate also requires root access as I mentioned in the CSR generation post.

So if you have the Shared Hosting and don’t have the root access you should contact with your service provider and they will guide you to do the further procedure. This post will help only those who are using VPS/Private Server with Apache.

Follow these Steps:-

  • Download the certificate from the Positive SSL provider, which must be two files in the zip folder.
  • Extract all of the contents of the ZIP file that was sent to you and copy/move them to your server. The extracted contents will typically be named: yourDomainName.crt and yourDomainName.ca-bundle.
  • Move all of the certificate related files to their appropriate directories.
  • A Typical Setup
  • Move the Private Key that was generated earlier to the ssl.key directory, which is typically found in /etc/ssl/. This must be a directory which only Apache can access.
  • Move the Private Key that was generated earlier to the ssl.key directory, which is typically found in /etc/ssl/. This must be a directory which only Apache can access.
  • Edit the file that contains the SSL configuration with your favourite text editor.

Examples: nano, vi, pico, emacs, mousepad, notepad, notepad++, etc.

Note: The location of this file may vary from each distribution. It will be referenced in the Apache global configuration file. Look for the lines starting with include.

Apache Configuration File:

      • Fedora/CentOS/RHEL: /etc/httpd/conf/httpd.conf
      • Debian and Debian based: /etc/apache2/apache2.conf

SSL Configuration File:

Some possible names:-

  • httpd-ssl.conf
  • ssl.conf
  • In the /etc/apache2/sites-enabled/ directory.

Note: If need be please consult your distribution’s documentation on Apache and SSL or navigate to the Apache Foundation’s Apache2 Documentation.

In the VirtualHost section of the file please add these directives if they do not exist. It is best to comment out what is already there and add the below entries.

  • SSLEngine on
  • SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
  • SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt
  • SSLCertificateChainFile /etc/ssl/ssl.crt/yourDomainName.ca-bundle ***

Apache 1.x:

      1. Please use

SSLCACertificateFile

      1.  instead of

SSLCertificateChainFile

Note: The above paths in the directives are only used as examples. Your server may have a different path and may need to be modified to suit your needs.

Save your config file and Restart the Apache Server.

If you got any error while restarting the apache like “Could not reliably determine the server’s fully qualified domain name……” just follow these following steps:-

  • Open httpd.conf
If you don't have httpd.conf under /etc/apache2, you should have apache2.conf
  • Add the following line anywhere…
ServerName localhost
  • Restart apache2 service

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.