Installing an SSL certificate under Linux+apache

Source: Internet
Author: User
Tags ssl certificate

one, Apache installation SSL certificate requires three configuration files

Warm tip: Before installing the certificate, please back up the server configuration file you need to modify

1_ROOT_BUNDLE.CRT, 2_DOMAINNAME.COM.CRT, 3_ Domainname.com.key.

Note: These three files are in folder for Apache.zip, where domainname.com is your domain name, 2_ DOMAINNAME.COM.CRT is the public key, and 3_ Domainname.com.key is the private key. (File suffix CRT and CER are of the same nature)

Second, installation certificate

1. Modify the httpd.conf file under Apache.

(1) Open the httpd.conf file in the Conf directory under the Apache installation directory to find

#LoadModule ssl_module modules/mod_ssl.so #Include conf/extra/httpd-ssl.conf

(2) Delete the configuration statement comment symbol "#" at the beginning of the line and save the exit.

2. Modify the Apache Httpd-ssl file.

(1) Open the httpd-ssl.conf file in the Conf/extra directory under the Apache installation directory and look for the following configuration statement in the configuration file:    

a). Sslcertificatefile/usr/local/apache/ssl/public.cer (Configure the server certificate public key (2_DOMAINNAME.COM.CRT) to this path, and replace PUBLIC.CRT); b). Sslcertificatekeyfile/usr/local/apache/ssl/private.key (Configure the server Certificate private key (3_domainname.com.key) to this path, replacing Private.key);  c). #SSLCertificateChainFile/usr/local/apache/ssl/ca.cer (Remove the "#" comment from the beginning of the line and configure the intermediate CA certificate (1_ROOT_BUNDLE.CRT) to the path). D) Add the following code to any location, specifying the SSL encryption protocol Sslprotocol All-sslv2-sslv3sslciphersuite aesgcm:all:! Dh:! export:! rc4:+high:! medium:! Low:!anull:!enull

(2) Save exit and restart Apache. Restart mode:

Go to the Bin directory under the Apache installation directory and run the following command

./apachectl-k stop./apachectl-k start

Access your site over HTTPS to test the installation configuration of the site certificate.

Replacing the new certificate can replace the old certificate directly with the new certificate, and if it does not take effect, restart the related service.

Restart Apache services under CentOS: Service httpd restart

Restart Apache service under Ubuntu:/etc/init.d/apache2 restart


This article is from the "Cvsblog" blog, make sure to keep this source http://cuis1.blog.51cto.com/8805022/1965122

Installing an SSL certificate under Linux+apache

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.