Guides and tutorials

Hundreds of tutorials and step by step guides carefully written by our support team.

How to install SSL certificate in Apache

Before starting the tutorial, don't you have a Cloud Linux server with Apache where you can install your SSL certificate? Don't worry! With just one click, you can easily deploy it with SW Hosting.

cta:cloud_so

To install an SSL certificate in Apache, we will need the following files:

  • Certificate (.crt)
  • Private key (.key)
  • Certificate Authority (.ca)

Do you already have them? Let's get started:

  1. Copy the three files to the server. In this manual we assume that you have uploaded the three files via FTP, but you can do it in any other way.

  2. Connect to the server via SSH and access the directory where we will host the certificates:

cd /etc/apache2/ssl/

  1. Create the directory corresponding to your domain and access it:

mkdir minuevaweb.es

cd minuevaweb.es

  1. We move the certificates in the created directory. Assuming that you have uploaded them to the 'web' directory via FTP, we will move them as follows:

mv /var/www/minuevaweb.es/data/web/web/certificado.crt /etc/apache2/ssl/minuevaweb.es/

mv /var/www/minuevaweb.es/data/web/web/certificate.key /etc/apache2/ssl/minuevaweb.es/

mv /var/www/minuevaweb.es/data/web/web/certificate.ca /etc/apache2/ssl/minuevaweb.es/

  1. We change the owner and group of the certificates to root:

chown root:root /etc/apache2/ssl/minuevaweb.es/certificado.crt

chown root:root /etc/apache2/ssl/minuevaweb.es/certificado.key

chown root:root /etc/apache2/ssl/minuevaweb.es/certificado.ca

We have already moved the certificates in the corresponding directory.

Next, we will proceed to configure the VirtualHost block in Apache:

  1. Access the configuration file directory vhosts:

cd /etc/apache2/sites-enabled/

  1. Edit the configuration file corresponding to the web site where you are installing the SSL certificate. In this example we use the text editor nano, but you can use any other text editor:

cd /etc/apache2/sites-enabled/

  1. We make a copy of the existing VirtualHost block below it, duplicating it (we will make changes later, don't worry):
<VirtualHost *:80>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/datos/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
</VirtualHost>

(the original file)

<VirtualHost *:80>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/data/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
</VirtualHost>
</VirtualHost *:80>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/datos/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
</VirtualHost>

(the file with the original copy)

  1. In the second block VirtualHost, we modify the port from 80 to 443: <VirtualHost *:443>

  2. In the second VirtualHost block, we add before the end the following lines with the paths corresponding to our certificates:

        ...
        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/minuevaweb.es/certificado.crt
        SSLCertificateKeyFile /etc/apache2/ssl/minuevaweb.es/certificado.key
        SSLCACertificateFile /etc/apache2/ssl/minuevaweb.es/certificado.ca
</VirtualHost>
  1. It will look like this:
<VirtualHost *:80>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/datos/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
</VirtualHost>
<VirtualHost *:443>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/datos/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/minuevaweb.es/certificate.crt
        SSLCertificateKeyFile /etc/apache2/ssl/minuevaweb.es/certificado.key
        SSLCACertificateFile /etc/apache2/ssl/minuevaweb.es/certificado.ca
</VirtualHost>
  1. Save the changes made. In the text editor nano, you have to press the following key combination: Ctrl + X to save and exit. Y` key to confirm that you want to overwrite Enter key

  2. Check that the configuration is correct: apache2ctl -t You should see Syntax OK. If any error appears, review the previous steps.

  3. Reload the Apache configuration to apply the changes: /etc/init.d/apache2 graceful.

Ready! Access your site with the https:// prefix to verify that it works correctly.

Remember that if you do not yet have a Cloud Linux server on which you can install Apache and your SSL certificate, you can easily deploy it with SW Hosting.

cta:cloud_so