Installing SSL Certificate to VPS Hosting (Apache)
On this article we will provide the guidance on how to install SSL to your VPS Hosting running on Apache Web Service. We assume that you already have SSL Certificate issued and and only need to install it for your website which is hosted on VPS Hosting.
Our servers already has a folder /etc/ssl/ and we will be using it to store your certificate files.
1. First thing you need to do is to upload your certificate files to the /etc/ssl/ The list of files consist of these:
- domain.tld.crt (Certificate);
- domain.tld.key (Private Key);
- domain.tld.ca-bundle (Certification Authority (CA)).
Note. Private Key is provided when you generate the CSR. Certificate and CA files can be downloaded from our Celints Area page. Files should be provided from the other provider if you ordered certificates elsewhere.
2. Configuring Apache for SSL:
There is a default configuration file which you will need to edit:
sudo nano /etc/apache2/sites-available/default-ssl.conf
You will need to add this line under "<VirtualHost _default_:443>" if it is not there yet:
In the same file find the line and edit the file path to your uploaded certificate files on server:
Note. The files path may be different if you prefer that, just do not forget to edit the files path correctly.
Enable ModSSL module for Apache:
sudo a2enmod ssl
Enable our Apache SSL configuration file which we edited earlier:
sudo a2ensite default-ssl
sudo systemctl restart apache2
That is it, your certificate was installed.
Additionally, it is useful to know, that you can also generate CSR via command line:
openssl req -new -newkey rsa:2048 -nodes -keyout domain.tld.key -out domain.tld.csr
After this, you will have to fill the CSR details like bellow:
Country Name (2 letter code) [XX]: LT
State or Province Name (full name) : Lietuva
Locality Name (eg, city) [Default City]: Vilnius
Organization Name (eg, company) [Default Company Ltd]: It can be your company name or First and Last name for individual person
Organizational Unit Name (eg, section) : IT
Common Name (eg, your name or your server's hostname) : domain.tld (exact name of the domain, which will certificate be issued for)
Email Address : firstname.lastname@example.org
A challenge password : press ENTER
An optional company name : press ENTER
That is it. Your CSR is ready and you can provide the content of it for certificate issuer. Private Key file was generated as well, you will need to use it for installing SSL.