Using Commercial SSL Certificates on your Linux Apache Server
Refer this blog to get a basic understanding of using self-signed SSL certificates on your Apache server.
Also, the above link will help you in generating a private key and a CSR (Certificate Signing Request), which contains information about your country, locality, company, your public key, etc.; for your server.
For commercial SSL certificates firstly a private key is generated as mentioned in the blog. Then using the private key a CSR is generated.
Give this CSR to the Certification Authority or Certificate Authority (CA) Authority (Here, GoDaddy) so that it can generate an SSL certificate for your domain. Also, you need to provide some documents to ensure that the domain name belongs to you.
After CA has verified the documents and used your CSR to create the SSL Certificate, you can download it from My Products Section > SSL CERTIFICATES > Manage > Download.
After downloading you’ll notice that it contains two files one named <some_hash_value>.crt and other gd_bundle-g2-g1.crt.
So your Apache(version < 2.4.8) configuration becomes:
[sourcecode language=”bash”]
SSLCertificateFile << path_to_<some_hash_value>.crt >>
SSLCertificateKeyFile << path_to_private_key_used_for_csr >>
SSLCertificateChainFile << path_to_gd_bundle-g2-g1.crt >>
[/sourcecode]
And Apache(version > 2.4.8) configuration becomes:
[sourcecode language=”bash”]
SSLCertificateFile << path_to_<some_hash_value>.crt >>
SSLCertificateKeyFile << path_to_private_key_used_for_csr >>
SSLCACertificatePath << path_to_gd_bundle-g2-g1.crt >>
[/sourcecode]
Now, reload/restart the Apache to see the effective changes.
The website will now load with secure https connection.
The details of the certificate can be viewed in the browser by visiting Inspect Element > Security > View certificate.
Hope after reading this you’ll be able to easily apply commercial certificates(especially GoDaddy’s) on your Apache server, and there will be no confusion regarding which file to be used as SSLCertificateFile and SSLCertificateChainFile/SSLCACertificatePath.