Installing SSL on Apache

Apache / SSL

My basic steps for installing SSL:

1. Generate a .key (private key) and .csr (certificate signing request) for your domain:

    openssl genrsa -out <filename for your private key> 2048
    openssl req -new -key <filename for your private key> -out <filename for the CSR>
   

2. Paste this CSR into the CSR form on your SSL provider.
3. Copy the generated certificate files into e.g. /etc/apache2/ssl: (AddTrustExternalCARoot.crt, PositiveSSLCA2.crt, my_domain.crt)
4. Create a new site e.g. /etc/apache2/sites-available/my-domain-ssl:

    <VirtualHost *:443>
      ServerName domain.org
      ServerAlias www.domain.org
      // etc
   
      SSLEngine on
      SSLCertificateFile /etc/apache2/ssl/my_domain.crt
      SSLCertificateKeyFile /etc/apache2/ssl/my_domain.key
      SSLCertificateChainFile /etc/apache2/ssl/PositiveSSLCA2.crt
    </VirtualHost>
   

5. Enable SSL module in Apache

    sudo a2enmod ssl
    sudo service apache2 restart
   

6. Enable the new site

    sudo a2ensite my-domain-ssl
    sudo service apache2 reload