{"id":5608,"date":"2012-06-01T00:53:46","date_gmt":"2012-05-31T19:23:46","guid":{"rendered":"http:\/\/www.tothenew.com\/blog\/?p=5608"},"modified":"2016-12-19T14:45:58","modified_gmt":"2016-12-19T09:15:58","slug":"how-to-set-up-ssl-certificates-on-your-server","status":"publish","type":"post","link":"https:\/\/www.tothenew.com\/blog\/how-to-set-up-ssl-certificates-on-your-server\/","title":{"rendered":"How to Set-up SSL certificates on your Linux server"},"content":{"rendered":"<p>In one of my project, I have to set-up SSL certificates for my website to make it secure, so that it could also be access via https protocol. SSL is a way to secure internet communication from your browser to a secure website. The websites using SSL will have https:\/\/ to their name.<br \/>\n<br \/>\nFollowing are the steps to set-up SSL certificate on your server:<br \/>\n1. Issue Command to Generate Key: <code>openssl genrsa -des3 -out www.MY_DOMAIN_NAME.com.key 2048. <\/code><br \/>\n2. Issue Command to Generate CSR(Certificate Signing Request):<br \/>\n<code>openssl req -new -key www.MY_DOMAIN_NAME.com.key -out www.MY_DOMAIN_NAME.com.csr.<\/code><br \/>\n<br \/>\n This command will prompt for the following X.509 attributes of the certificate:<br \/>\n   &#8211; Country Name: Use the two-letter code without punctuation for country, for example: US or CA.<br \/>\n   &#8211; State or Province: Spell out the state completely; do not abbreviate the state or province name, for example: California<br \/>\n   &#8211; Locality or City: The Locality field is the city or town name, for example: Berkeley. Do not abbreviate. For example: Saint Louis, not St. Louis<br \/>\n   &#8211; Company: If the company or department has an &amp;, @, or any other symbol using the shift key in its name,the symbol must be spelled out or omitted, in order to enroll. Example: XY &amp; Z Corporation would be XYZ Corporation or XY and Z Corporation.<br \/>\n   &#8211; Common Name: The Common Name is the Host + Domain Name. It looks like &#8220;www.company.com&#8221; or &#8220;company.com&#8221;. etc.<br \/>\n   &#8211; <strong>You can skip other attributes by pressing return (or enter)<\/strong><br \/>\n<br \/>\n3. You can verify your CSR (Optional) Here<br \/>\n4. Now, At verilog site or any other site apply for test certificates and fill up the details over there, paste your www.MY_DOMAIN_NAME.com.csr file content  on the request form and submit it.<br \/>\n5. After few minutes, You will receive an email which contains the certificate attached in its body, copy that certificate and save it as www.MY_DOMAIN_NAME.com.crt on your server. (For email,check your spam also \ud83d\ude09 )<br \/>\n6. Enable MOD-SSL by Issuing Commands: a2enmod ssl<br \/>\n7. Now you need to update the apache config file. Open you sites apache-config file located at \/etc\/apache2\/sites-available\/YOUR_SITE_NAME. This is an XML File . Modify &#8220;<strong>VirtualHost *.80<\/strong>&#8221; to &#8220;<strong>VirtualHost *.443<\/strong>&#8221; (443 Port is used for SSL) and paste the following code inside the &#8220;<strong>VirtualHost *:443<\/strong>&#8221; tag.<br \/>\n<code><br \/>\nSSLEngine on<br \/>\nSSLCertificateFile COMPLETE_PATH_TO_CRT_FILE (like \/home\/user\/ssl\/www.MY_DOMAIN_NAME.com.crt)<br \/>\nSSLCertificateKeyFile COMPLETE_PATH_TO_KEY_FILE (like \/home\/user\/ssl\/www.MY_DOMAIN_NAME.com.key)<br \/>\n<\/code><br \/>\n &#8211; Note: For using both http and https protocol, copy and paste &#8220;<strong>VirtualHost *.80<\/strong>&#8221; tag, modify copied &#8220;<strong>VirtualHost *.80<\/strong>&#8221; to &#8220;<strong>VirtualHost *.443<\/strong>&#8221; (443 Port is used for SSL) and paste the above code inside your &#8220;<strong>VirtualHost *.443<\/strong>&#8221; tag.<br \/>\n<br \/>\n7. You can verify your apache config, using the command: apache2ctl configtest<br \/>\n8. Restart apache by issuing command: \/etc\/init.d\/apache2 restart OR apache2ctl restart<\/p>\n<p>Hope it helps.<\/p>\n<p>Regards,<br \/>\nGautam Malhotra<br \/>\ngautam@intelligrape.com<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In one of my project, I have to set-up SSL certificates for my website to make it secure, so that it could also be access via https protocol. SSL is a way to secure internet communication from your browser to a secure website. The websites using SSL will have https:\/\/ to their name. Following are [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":16},"categories":[1],"tags":[18,825,260,824,8],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/5608"}],"collection":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/comments?post=5608"}],"version-history":[{"count":0,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/5608\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/media?parent=5608"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/categories?post=5608"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/tags?post=5608"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}