How To Install SSL Certificate on Apache Web Server?
An Apache SSL certificate is crucial for establishing Apache servers while ensuring seamless configuration. This installation guide will introduce you to the key requirements for Apache SSL certificate installations and the installation steps.
Generating CSR Code on Apache
When purchasing an SSL certificate, you’ll have to generate CSR. This is a mandatory step that every SSL applicant must complete. One of the best ways to generate CSR is:
Things Required to Install SSL Certificate on Apache
#1 First Things First: Get a Server Certificate
You’ll receive this certificate from the CA via email for your domain. If not received, go to your Account Dashboard, tap on your order, and download it.
#2 Ensure Having CA Bundle/Intermediate Certificates
The devices connecting to the server can identify the provisioning CA via these files. You’ll find intermediate certificate(s), often called CA Bundle, provided they come in a ZIP folder. If not, you’ll have to download it from the dashboard.
#3 Be Ready with a Private Key
If you use any free tool for generating your CSR, you should have this private key file on the server. The private key is available with CSR, and displayed on the screen when the user generates the CSR.
Pro Tip: Make sure you save all these files on the server directory where they are stored initially. With these things ready, you can install an SSL certificate on Apache.
Step-By-Step Guide on How to Install SSL Certificate on Apache
Step 1: Double Check to Have Everything Ready!
Once you receive a signed SSL certificate from the Certificate Authority, you’ll be ready to install it on the server securely. To do so, prepare all the certificate files as mentioned above.
Your primary SSL certificate – .crt file – must be ready. Make sure you have all the CA bundle certificates. Integrate them into a single CA bundle file if they are in separate files.
Step 2: Locate the Apache Configuration File
Based on the OS version and the server, the configuration file may be located in various directories. Go to the following directories: /etc/apache2/, /etc/httpd/, or /etc/httpd/conf.d/ssl.conf and search for ssl.conf, apache2.conf, or httpd.conf.
Step 3: Virtual Host Configuration
Your website has a separate virtual host section. After finding the Apache configuration file, start with the virtual host configuration.
Before anything else, your current .conf file must be renamed to .conf_backup and saved somewhere else for backup. It will allow you to undo changes if things go wrong.
Step 4: Edit the Virtual Host File
The virtual host usually appears like this:
<VirtualHost [IP ADDRESS]:443>
ServerAdmin [email protected]
DocumentRoot /var/www/
ServerName www.abc.com
SSLEngine on
SSLCertificateFile /etc/ssl/abc_com.crt
SSLCertificateKeyFile /etc/ssl/abc.key
SSLCertificateChainFile /etc/ssl/abc_com.ca-bundle
</VirtualHost>
Note: You must edit the bold section using your relevant details. Also, ensure not to use a ‘#’ (comment) in front of the bold attributes. If not, it’s advisable to uncomment them.
Step 5: Modify the File Names
In the above illustration, you’ll have to modify the file names. Make sure it coincides with your certificate files along with their server location:
In the above illustration, you’ll have to modify the file names. Make sure it coincides with your certificate files along with their server location:
- SSLCertificateChainFile – It is none other than your CA Bundle file.
- SSLCertificateKeyFile – It is the private key file that you created while generating the CSR.
- SSLCertificateFile: It is your main SSL certificate file.
Step 6: Save & Restart
Once done, save the configuration file. Then, run one of these commands to restart the Apache server:
apachectl stop
apachectl start
apachectl restart
If the restart fails or something malfunctions, you’ve nothing to worry about. That’s because, in step 3, we have already made a backup config file. If the server fails to restart, remove the modified file, return to the backup file, repeat the steps, and restart.
If it restarts successfully, the installation is done, and your website is now more secure than ever.
Testing your SSL Installation
Once you install the SSL certificate on the Apache server, check the installation status with this highly effective method: Using our SSL Installation Checker Tool.
You can use our server certificate tester tool to check and evaluate your SSL certificate installation status, provided your website is publicly accessible. This tool can detect and show any typical installation error or issue.