Top

Install an SSL Certificate on Apache

Posted in Webhosting Tips on Dec 11, 2019

1332

Did you installed an SSL certificate on your Apache for CentOS or Fedora? If not, why take a chance with your website security?

Today SSL Certificates are very important for any website to be secure and provide safe browsing to the clients. Websites with SSL certificates earn validation for the encryption of the data sent between them and their clients.

Note: Not only clients look for an SSL certificate, but even Google is also considering SSL based websites for ranking.

Types of SSL certificates


  1. Extended Validation Certificates

  2. Wildcard SSL certificate

  3. Organization Validated certificates

  4. Multi-Domain SSL certificate

  5. Domain Validated certificates


Extended Validation Certificates

The Extended validation Certificates are the highest-ranking and most expensive SSL certificate type.

  • This type of SSL certificate, when installed, displays the padlock, Name of the business, and the Country on the browser address bar.

  • Displaying the website owner’s information in the address bar helps distinguish the site from malicious sites.

Wildcard SSL Certificate

Purchasing a wildcard SSL certificate is cheaper than purchasing several single-domain SSL certificates.

  • Wildcard SSL certificates are used to secure a base domain and unlimited subdomains.

  • Wildcard SSL certificate has an *asterisk() as part of the common name*. The asterisk represents any valid subdomain that has the same base domain.

Organization Validated certificates

The organization's Validation SSL certificate's primary purpose is to encrypt the user’s sensitive information during transactions.

  • The commercial or public-facing website has a requirement to install an Organization validated Certificat to assure that any customer information shared remains confidential.

  • To obtain an Organization SSL certificate, the website owner needs to complete a substantial validation process.

Multi-Domain SSL certificate

A multi-domain certificate is secured up to 100 different names and subdomains using a single certificate which helps to save time and money. You have control of the Subject Alternative Name(SAN) field to Add, Change, and delete any of the ASNa as needed.

  • The Domain Validated, Organization Validated, Extended Validated, and wildcard SSL types are available as well.

Domain Validated certificates

The Validation Process to obtain the Domain Validation SSL Certificate type is minimal.

  • Domain Validation SSL Certificate has a low assurance and minimal encryption, typically for blogs or informational websites.

  • The process only requires website owners to prove domain ownership by responding to an email or phone call. This certificate type is one of the least expensive and fastest to obtain.

Why should we use an SSL certificate?

Secure Socket Layer (SSL) provides security to the data that is transferred between the web browser and server. SSL encrypts the link between a web server and a browser which ensures that all data passes between them remain private and free from attack.

Steps to install an SSL certificate for the Apache HTTP server on CentOs and Fedora

  1. Login to the server through SSH

  2. OpenSSL client software should be installed.

Install Mod SSL

To set up an SSL, we first have to be sure that Apache and Mod SSL are installed on the VPS.

# yum install mod_ssl openssl
  1. Create a new directory where we will store the server key and certificate.
# mkdir /etc/httpd/ssl
  1. Move the SSL certificate file and server key to the new directory

  2. Configure the SSL certificate using a vi text editor

# vi /etc/httpd/conf.d/ssl.conf

Once the file opens, edit the file so that it must point to the correct files in the webserver. It will look similar to this:

SSLEngine on
SSLCertificateFile /path/to/your_very_own_domain.crt
SSLCertificateKeyFile /path/to/your_private.key
  1. Check that the configured files are free from any errors
# apachectl configtest
  1. Be Ready to restart the safe and secure web server
# /etc/init.d/httpd restart

In your browser, type https:// youdomain.com to view the new certificate.

Sudha Kothapalli Author: Sudha Kothapalli Digital Marketing Executive and a learner with an ongoing curiosity to learn New Social Media techniques, writes about Digital Marketing and Technology Trends Follow Us: