Today I'll tell you how to install an SSL certificate for your personal website or blog to protect the security of your visitors and your site's communications.
Secure Sockets Layer, or SSL, is a standard security technique for encrypting connections between Web sites and browsers. This ensures that the data transferred between the server and the browser remains private and secure. It is used by thousands of people to protect their communications with customers. To enable SSL linking, the Web server requires an SSL certificate to be installed.
You can create your own SSL certificate, but this default will not be trusted by the browser, to solve this problem, you need to purchase a certificate from a trusted certification authority (CA), we will show you how to obtain the certificate and install in Apache. Generate a Certificate signing request
The Certificate Authority (CA) will require you to generate a certificate signing request (CSR) on your server. This is a very simple process, just a little while, you need to run the following command on your server and enter the information you need:
Copy Code code as follows:
# OpenSSL Req-new-newkey rsa:2048-nodes-keyout yourdomainname.key-out YOURDOMAINNAME.CSR
The output will look like this:
This step generates two files: a private key file for decrypting the SSL certificate, and a certificate signing request (CSR) file for your SSL certificate.
Depending on the organization you are applying for, you will need to upload a CSR file or paste the contents of the file in a Web site form.
Install the actual certificate in Apache
After the build step is complete, you will receive a new digital certificate. In this tutorial we used Comodo SSL and received a certificate in a ZIP file it sent us. To use it in Apache, you first need to use the following command to create a combined certificate with the received certificate:
Copy Code code as follows:
# cat Comodorsadomainvalidationsecureserverca.crt comodorsaaddtrustca.crt addtrustexternalcaroot.crt > Bundle.crt
Use the following command to ensure that the SSL module has been loaded into Apache:
Copy Code code as follows:
If you see the "Module SSL already enabled" message that you are successful, if you see "Enabling Module SSL", then you need to restart Apache with the following command:
Copy Code code as follows:
# Service Apache2 Restart
Finally, modify your virtual host file (usually under/etc/apache2/sites-enabled) as follows:
Copy Code code as follows:
documentroot/var/www/html/
ServerName linoxide.com
Sslengine on
Sslcertificatefile/usr/local/ssl/crt/yourdomainname.crt
Sslcertificatekeyfile/usr/local/ssl/yourdomainname.key
Sslcacertificatefile/usr/local/ssl/bundle.crt
You should now be able to access your site using https://YOURDOMAIN/(note ' https ' instead of ' http ') and see the SSL progress bar (usually expressed in your browser with a lock).
Note: Now all content links must point to HTTPS, if some of the content on the site (such as pictures or CSS files, etc.) still point to the HTTP link, you will get a warning in the browser, to fix this problem, please make sure each link points to https.
REDIRECT HTTP requests to HTTPS on your site
If you want to redirect the regular HTTP request to HTTPS, add the following text to the virtual host you want to modify, or join the apache.conf if you want to add to all sites on the server:
Copy Code code as follows:
Rewriteengine on
Rewritecond%{https} off
Rewriterule (. *) Https://%{http_host}%{request_uri}