Products & Services | Switch to Us | Support | Contact Us | About Us | Home
 
support


CSR Generation

Validation

Certificate Installation

FAQ


server software

Apache (mod_SSL & OpenSSL)
cPanel / WHM
Cobalt RAQ
MS Exchange 2007
MS Exchange 2010
F5 BigIP
HSphere
IBM HTTP Server
iPlanet 4.x / SunONE 6.x
Java-based Webservers
Microsoft IIS 4.x
Microsoft IIS 5.x/6.x
Microsoft IIS 7.x
Oracle (using Wallet Manager)
Plesk



Certificate Installation: Apache

Installing a certificate using Apache (with mod_ssl) & OpenSSL

You should have received your certificate from us, a file typically named 'your_domain_com.crt' as well as the 'CA bundle' file containing the intermediate certificates, typically named 'your_domain_com.ca-bundle'. 'TrustedSecureCertificateAuthority.crt'

Installing the certificate requires you to be able to make changes to Apache's configuration files, and restart the Apache server process. Please ensure you can do this before you continue.

  1. Copy the certificate and CA bundle file to your server, into a directory where you plan to keep your certificates.
    This is commonly /etc/ssl/.


  2. You will now need to edit the Apache configuration file. The location of this file can vary depending on your distribution (Windows, Debian/CentOS/Fedora/etc. Linux) and the version of Apache you are using.
    Locate the file and open it in your preferred editor.


  3. Locate the VirtualHost section for the ssl-enabled site you are installing the certificate for. This will commonly begin <VirtualHost 127.0.0.1:443>.


  4. Add the following lines into the VirtualHost section, making sure to change the paths of the files to correspond to the locations of the files on your server.

    5. Apache 1.3.x: 
    SSLEngine on
    SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
    SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt
    SSLCACertificateFile /etc/ssl/ssl.crt/yourDomainName.ca-bundle
    Apache 2.x: 
    SSLEngine on
    SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
    SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt
    SSLCertificateChainFile /etc/ssl/ssl.crt/yourDomainName.ca-bundle


  5. Save the changes to the file. Now you will need to restart Apache. It is sometimes required to 'stop' then 'start' Apache, instead of issuing the 'restart' command for the changes to take effect.
Notes:
If you have chosen to have a password on your private key, you will be prompted to enter it each time Apache is started or restarted. Apache will not fully start until the password is entered.

The configuration file is often called httpd.conf or apache.conf, although sometimes the SSL-specific section is placed in a separate file called ssl.conf and linked from the main configuration by an 'Include' command. Sometimes, the VirtualHost section will be in a specific file for that site, in a sub-directory often labelled sites-enabled/.

Much of the layout of Apache's configuration files and directory naming conventions is controlled by the distribution of OS you are using. It is recommended that you look at the distribution's own site and documentation to confirm the locations:
Debian, CentOS, Fedora etc.

  •     Enterprise SSL Certificates
      Secure your e-transactions and maximize budget efficiencies with TrustedSecure Enterprise SSL Certificates.
      Learn more
  •     TrustedSecure Site Seal
      Give your site visitors the confidence that they can share private information securely with the TrustedSecure Site Seal.
      Learn more
  •     CSC TrustedSecure CertManager
      Access the CSC TrustedSecure Certificate Authority and manage your enterprise's SSL portfolio online with the TrustedSecure CertManager.
      Learn more
  •     Cert-Assure™ Audit
      Uncover all certificates that have been registered and confirm their expiration dates with a Cert-Assure audit.
      Learn more
    • Copyright 2010 Corporation Service Company, All rights reserved.