Using Commercial SSL Certificates on your Linux Apache Server

26 / Sep / 2016 by Vaibhav Gulati 0 comments

Refer this blog to get a basic understanding of using self-signed SSL certificates on your Apache server.

Also, the above link will help you in generating a private key and a CSR (Certificate Signing Request), which contains information about your country, locality, company, your public key, etc.; for your server.

For commercial SSL certificates firstly a private key is generated as mentioned in the blog. Then using the private key a CSR is generated.

Give this CSR to the Certification Authority or Certificate Authority (CA) Authority (Here, GoDaddy) so that it can generate an SSL certificate for your domain. Also, you need to provide some documents to ensure that the domain name belongs to you.

After CA has verified the documents and used your CSR to create the SSL Certificate, you can download it from My Products Section > SSL CERTIFICATES > Manage > Download.

After downloading you’ll notice that it contains two files one named <some_hash_value>.crt and other gd_bundle-g2-g1.crt.

So your Apache(version < 2.4.8) configuration becomes:

        SSLCertificateFile      << path_to_<some_hash_value>.crt >>
        SSLCertificateKeyFile   << path_to_private_key_used_for_csr >>
        SSLCertificateChainFile << path_to_gd_bundle-g2-g1.crt >>

And Apache(version > 2.4.8) configuration becomes:

        SSLCertificateFile      << path_to_<some_hash_value>.crt >>
        SSLCertificateKeyFile   << path_to_private_key_used_for_csr >>
        SSLCACertificatePath    << path_to_gd_bundle-g2-g1.crt >>

Now, reload/restart the Apache to see the effective changes.
The website will now load with secure https connection.

The details of the certificate can be viewed in the browser by visiting Inspect Element > Security > View certificate.

View SSL Ceritificate

Hope after reading this you’ll be able to easily apply commercial certificates(especially GoDaddy’s) on your Apache server, and there will be no confusion regarding which file to be used as SSLCertificateFile and SSLCertificateChainFile/SSLCACertificatePath.

FOUND THIS USEFUL? SHARE IT

Leave a comment -