Moving a Godaddy SSL certificate to apache ubuntu 14.04

October 12, 2014 22.8k views

I have a Godaddy SSL certificate and is connect with my domain and the domain is
connect with my droplet.

in my server I have on my folder "/etc/apache2/ssl/" two files "domain.com.csr and domain.com.key"

I have past the code from "domain.com.csr" on Godaddy SSL CSR

Godaddy give me two files "62gyg787t86.crt and bundle-g2-g1.crt"
and I have move those file into "/etc/apache2/ssl/"
so now I have four files "domain.com.csr, domain.com.key, 62gyg787t86.crt and bundle-g2-g1.crt"

On my the folder "/etc/apache2/sites-available" I have the a file call default-ssl.conf
inside this file I have make some change

ServerName domain.com:443
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/domain.com.csr
SSLCertificateKeyFile /etc/apache2/ssl/domain.com.key
SSLCertificateChainFile /etc/apache2/ssl/bundle-g2-g1.crt

I have try "SSLCertificateFile" with "/etc/apache2/ssl/62gyg787t86.crt" but nothing happen

and after all this process I reload apache
but my SSL does not work any idea why?

5 Answers

Please follow these steps from the beginning

step 1 :
take a backup of your 000-default.conf
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/000-default.conf.bkp

step 2:
create a file in /etc/apache2/sites-available directory with your sitename.conf
touch /etc/apache2/sites-available/example.com.conf

step 3: enable your site
a2ensite example.com
a2ensite example.com.conf

step 4
delete all content of 000-default.conf and put these code

<VirtualHost *:443>
        ServerAdmin admin@example.com
        DocumentRoot /var/www/html
        ServerName example.com
        ServerAlias www.example.com
        SSLEngine on
        SSLCertificateFile /address/of/your/certificate.crt
        SSLCertificateKeyFile /address/of/your/keyfile.key
        SSLCACertificateFile /address/of/your/certificate_chain_file.crt
        <Directory /var/www/html>
        Options FollowSymLinks
        AllowOverride All

<VirtualHost *:80> 
    ServerName example.com
    ServerAlias www.example.com 
    Redirect permanent / https://www.example.com

step 5
apachectl configtest

Step 6
restart apache

Have you tried this:

a2enmod ssl; service apache2 restart

Also, you should have created a new key, built a new CSR, then pasted the CSR in GoDaddy to get the proper certificate.

to create a new key:

openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout /etc/ssl/private/new.key

Then, you grab the CSR:

cat CSR.csr

input it into GoDaddy, generate the new certificate, import it into the server (I'd place it in /etc/ssl/certificates/new.crt), then use this config:

ServerName domain.com:443
SSLEngine on
SSLCertificateFile /etc/ssl/certificates/new.crt
SSLCertificateKeyFile /etc/ssl/private/new.key
SSLCertificateChainFile /etc/apache2/ssl/bundle-g2-g1.crt

I have the same issue, I have completely done as discussed above. but I am unable to open site with https:

This works for me in Apache 2.4.12

SSLEngine On
SSLOptions +StrictRequire
SSLCertificateFile /etc/apache2/ssl/godaddy.crt
SSLCertificateKeyFile /etc/apache2/ssl/new.key
SSLCACertificateFile /etc/apache2/ssl/gd_bundle-g2-g1.crt

After install SSL certificate apache2 is not restart , I got the error
ubuntu@ip-172-31-7-61:/etc/apache2$ sudo service apache2 restart

  • Restarting web server apache2 (98)Address already in use: AH00072: make_sock: could not bind to address [::]:443 Apache needs to decrypt your SSL Keys for movingscenes.com:443 (RSA) Please enter passphrase:Action 'start' failed. The Apache error log may have more information. [fail] ubuntu@ip-172-31-7-61:/etc/apache2$

Please help me , Please.

Have another answer? Share your knowledge.