How to Install SSL Certificate on Apache?
SSL stands for Secure Sockets Layer, the protocol which provides the encryption. It provides secure, encrypted communications between a website and an internet browser. and are typically installed on pages that require end-users to submit sensitive information over the internet like credit card details or passwords, used to secure our website and web app.
OpenSSL is a software library to be used in applications that need to secure communication over the internet. To install on Ubuntu/Debian run the following command.
sudo apt-get update
sudo apt-get install openssl
CSR stands for Certificate Signing request, To generate server key and CSR file run the following command, replace example.com to your domain name on which you want to install SSL certificate.
openssl genrsa -out example.com.key 2048
openssl req -new -sha256 -key example.com.key -out example.com.csr
When you will run the above command it will ask your information like
State or Province: XYZ
City or Locality: XYZ
Organization Unit: XYZ
Common Name: www.example.com
Fill out your details and hit enter, In Country provide two digits of your country code(example India: IN, USA: US etc )
Download these two files (example.com.key and example.com.csr) and submit it to the certificate provider, then they will issue the certificate. The certificate should contains two file .crt and .ca-bundle or bundle.crt
Put your certificate file, bundle file and key file in the directory /etc/ssl/certs/
SSLCertificateFile — Certificate file
SSLCertificateKeyFile — Server key file
SSLCertificateChainFile — bundle file
3. Configure Apache Web Server
Create the virtual host in apache, edit the file and make the virtual host for your domain and include the domain name, port 443, certificate file path etc. sudo nano /etc/apache2/site-enabled/000-default.conf
If you want to redirect all your traffic to https than make sure you are also adding redirect rule. The virtual host may look like.
#Redirect all http traffic to https
Redirect permanent / https://www.example.com
4. Enable SSL Mode and restart apache services
sudo a2enmod ssl
sudo service apache2 restart
Open your website URL in web browser eg. example.com or www.example.com and you will see a green(Secure) lock before the URL.