configure ssl certificate in apache ubuntu

How to Install SSL Certificate in Apache Web Server

SSL certificates allow web traffic encryption and security. Here’s how to install SSL certificate in Apache web server. You can use these Apache SSL configuration steps for Ubuntu Linux as well as Debian/CentOS/Redhat systems.

How to Configure SSL Certificate in Apache Web Server

Here is a step-by-step guide to install SSL certificate in Apache for Ubuntu.

1. Enable mod_ssl

mod_ssl is an Apache module required to install and manage SSL/TLS certificates. mod_ssl is already installed in Ubuntu/Debian systems. Open terminal and run the following command to enable mod_ssl

$ sudo a2enmod ssl

You can install it on Redhat/CentOS/Fedora Linux with the following command.

$ yum install mod_ssl

Bonus Read : How to Redirect Page to Another Domain with .htaccess File

2. Get SSL Certificate

Next, get the SSL/TLS certificate bundle from your certificate authority such as Namecheap, RapidSSL, Comodo, GoDadddy, Let’s Encrypt, etc. You can also use a free SSL provider like SSLForFree.

You will get 3 files from certificate authority.

  1. key (e.g private.key) – your key file. Don’t share this with anyone publicly
  2. Certificate (e.g certificate.crt) – actual SSL/TLS certificate for your domain
  3. Ca_bundle (e.g ca_bundle.crt) – Root/intermediate certificate

Bonus Read : How to Set Apache Header Conditionally

3. Apache SSL Configuration

Now that we have setup the prerequisites, we will configure SSL certificate in Apache

Create a new directory to store your SSL/TLS certificates

$ sudo mkdir /etc/apache2/ssl

Download the 3 files mentioned in step 2 to ssl directory created above.

Next, open Apache configuration file. You can open the default configuration file

$ sudo vi /etc/apache2/sites-enabled/000-default.conf

If you have setup virtual host for your website (e.g www.example.com) and created a separate config file for this website (e.g example.conf) then open that file.

$ sudo vi /etc/apache2/sites-enabled/example.conf

Add the following lines in VirtualHost tag before </VirtualHost> line.

SSLEngine On
SSLCertificateFile "/etc/apache2/ssl/certificate.crt"
SSLCertificateChainFile "/etc/apache2/ssl/ca_bundle.crt"
SSLCertificateKeyFile "/etc/apache2/ssl/private.key"

Your VirtualHost block will look something like this

<VirtualHost *:443>
DocumentRoot /var/www/
ServerName www.example.com
SSLEngine On
SSLCertificateFile "/etc/apache2/ssl/certificate.crt"
SSLCertificateChainFile "/etc/apache2/ssl/ca_bundle.crt"
SSLCertificateKeyFile "/etc/apache2/ssl/private.key"
</VirtualHost>

In the above lines, we use 3 Apache server directives

  1. SSLCertificateFile – Certificate CRT file path
  2. SSLCertificateKeyFile –  Private key file path
  3. SSLCertificateChainFile – CA bundle file path

Bonus Read : How to Enable mod_headers in Apache Ubuntu

4. Test Apache Configuration and Restart Server

Run the following command to test Apache server configuration

$ sudo apachectl configtest

If you don’t see any error, restart Apache web server.

# sudo service httpd restart           [On RedHat based systems]
# sudo service apache2 restart         [On Debian based systems]

Now you have installed SSL certificate in Apache web server. Open a browser and visit https:// version of your domain (e.g https://www.example.com).

You will see a lock symbol next to your URL, in browser’s address bar, indicating that your website’s SSL/TLS certificate is working properly.

example.com https ssl tls

Hopefully, now you can configure SSL certificate in Apache for Ubuntu as well as other Linux systems.

mm

About Ubiq

Ubiq is a powerful dashboard & reporting platform for small & medium businesses. Build dashboards, charts & reports for your business in minutes. Get insights from data quickly. Try it for free today!