Question

Got the SSL certs. Now what?

Posted September 11, 2014 3.2k views

I just purchased an SSL through NameCheap (positiveSSL) for Apache with OpenSSL. I am running Ubuntu 14.04 x32. I was able to generate the CRT files for verification, and I got the approval and everything else, as well as a zip file with 4 crt files, now I just need to know where to put them and how to install them.

Everything I’ve seen is creating certs rather than installing them, and the only tutorial on here I can find is using the free SSL authority, and they use different file types.

Can anyone help out a n00b?

Add a comment
youvebeenmoosed
By:
youvebeenmoosed
Add a comment
4 comments
  • hunky September 12, 2014
    Reply Report

    Sorry to ask an off topic question, how much did it cost ??

  • sianios September 12, 2014
    Reply Report

    @sauravbasu NameCheap offers certificates for aroun 7 euros.

  • hunky September 12, 2014
    Reply Report

    Which encryption algorithm are you using ??

    SHA1 or SHA2 ??

  • mdvucak September 13, 2014
    Reply Report

    To install certs to your apache web server, simply add them to the apache config file. You most probably want to create a new named virtual host that listens on port 443 (default https).

    Here is an example config:

    <VirtualHost example.com:443>
ServerName example.com
ServerAlias example.com
ServerAdmin admin@example.com
SSLEngine on
SSLCertificateFile /path/to/your/certs/example.crt
SSLCertificateKeyFile /path/to/your/certs/example.key
...
other stuff
...
</VirtualHost>

    Don’t forget to open TCP port 443 in your firewall.
    If you need something more advanced, check out the apache official documentation.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer
asb September 11, 2014

Upload the zip file containing the certs to your server, and extract it to /etc/apache2/ssl/ Then create a new VirtualHost in your Apache configuration that listens on port 443:

<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    ServerName example.com
    DocumentRoot /var/www/html

    SSLEngine on                                                                
    SSLProtocol all -SSLv2                                                      
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM                

    SSLCertificateFile /etc/apache2/ssl/ssl.crt  # The cert sent to you                      
    SSLCertificateKeyFile /etc/apache2/ssl/private.key  # The key file made when you generated the CSR 
    SSLCACertificateFile /etc/apache2/ssl/ca.crt

    # any other Apache configuration 
</VirtualHost>

To create the SSLCACertificateFile, you’ll need to combine the CA certs sent to you:

cat PositiveSSLCA.crt AddTrustUTNServerCA.crt.crt > ca.crt
Reply Report

Looking for something else?

Ask a new question Search for more help