Using secured certificates enhances user experience and will allow sellers to gain credibility among their buyers. The process of installing SSL certificates in various types of servers will vary while the basic configuration methods will remain the same. Among them, Apache forms a prominent position because a long list of websites use it as their basic framework because of some exclusive features that it offers. In this step by step guide, the complex theory of installing a secure sockets layer cert will be demystified so that you can complete the task with little technical knowledge. In order to successfully accomplish the goal, follow the steps promptly, and make use of the server helpline whenever required.
Installing SSL
A select list of certificate authorities offers the service. Instead of trying to generate private keys, using reputed solutions are ideal. The free SSL is an alternative for budget-conscious companies while paid versions of SSL certificates are the most commonly used ones. The first step is to have your Apache installed and OpenSSL as well. Only then you can register your domain and generate a CSR.
Send a signing request for RSA & CSR
Use the code below to get the task done.
[root@chevelle root]#
[root@chevelle root]# cd /etc/httpd/conf/ssl.key
Generating RSA without a passphrase
While by default it is done only with a passphrase, the drawback is that whenever Apache restarts, the server will be in offline mode until it is entered. Skip it with this code. For multiple domains, using wildcard SSL is a favorable option.
[root@chevelle /etc/httpd/conf/ssl.key]# openssl genrsa -out your domain.key 1024
For using passphrase,
[root@chevelle/etc/httpd/conf/ssl.key]# OpenSSL genrsa -des3 -out your domain.key 1024
RSA private key with passphrase is not the best option of all. Apache restart is a common occurrence when a script fails to run but the website will go down until the code is verified manually. Skip it instead and use the code said on top to create a key without it.
Generate CSR with RSA key
The next step is to provide your basic details including organization, common name, country, locality, and state. Don’t use special characters in here. The code is given below.
[root@chevelle/etc/httpd/conf/ssl.csr]# openssl req -new -key yourdomain.key -out yourdomain.csr
[root@chevelle/etc/httpd/conf/ssl.csr]# mv yourdomain.csr ../ssl.csr
Then, provide the e-mail and a password. You will now have your,
/etc/httpd/conf/ssl.key/yourdomain.key
/etc/httpd/conf/ssl.csr/yourdomain.csr
Keeping a copy of the private key is very important because, without the same, there’s no other option except to buy a new cert if you lose this one because certs like EV SSL is quite pricey to acquire one more time.
Installing SSL certificates is an easy task once you learn the basics and the steps involved.