Apache HTTP Server is a free and open-source web server that delivers web content through the internet. It is commonly referred to as Apache and after development, it quickly became the most popular HTTP client on the web. This quick guide explains how to install an SSL certificate on Apache Web Server.
Step 1: Generate CSR(refer to another tutorial for the same) and get a certificate.
To complete the SSL installation, you will need the following certificate files:
- Your primary certificate (.crt file)
- The root and intermediate certificates (.ca-bundle file)
- The private key was generated while you created the CSR.
Once you’ve them, continue the below steps to install SSL on Nginx.
Step 1: Combine all the certificates
First, you need to combine all the certificates issued for your domain into a single file. You can do this manually using the copy-paste function and a text editor, or automatically via specific commands.
If you decide to do it manually, the order of the SSL certificates is important. Please use the following sequence:
- Your primary certificate for your domain name
- Intermediate certificates
- Root certificate
To automatically combine the certificates run the following commands.
If you have separate intermediate and root files, run from the Linux terminal(if you don’t want to do from Linux terminal, you can just use any text editor to combine content of all the files and make a new one from it) :
cat your_domain.crt intermediate.crt root.crt >> ssl-bundle.crt
If your intermediate and root certificates are inside a single file with .ca-bundle extension, run:
cat example_com.crt bundle.crt >> ssl-bundle.crt
Note: Don’t forget to add your actual certificate file names.
Save the new, combined file in the SSL directory of your NGINX server.
Step 2: Edit the NGINX configuration file
Next, edit the NGINX configuration file (nginx.conf). You need to add or edit virtual host for port 443 for your website. If your configuration file doesn’t have a virtual host for port 433, duplicate the attribute for port 80, and rewrite port 80 to port 443
You will also need to include the following special properties in virtual host record:
- ssl on;
- ssl_certificate – pointed to the directory of your combined SSL file
- ssl_certificate_key pointed to the directory of your private key file generated along with the CSR
The final version of your configuration file should look like the example below:
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/usessl.key;
server_name usessl.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
root /var/www/;
index index.html;
}
}
Step 3: Restart your NGINX
Please, save your modifications and restart your NGINX server via:
sudo /etc/init.d/nginx restart
or
sudo systemctl restart nginx
Congratulations! You have successfully installed your SSL certificate on the NGINX server. You can now check the status of your SSL installation using any SSL tools.
Write a comment
Your email address will not be published. All fields are required