If you have a VPS server, chances are you will be installing your SSL certificate using this tutorial. While the control panel and user interfaces may differ, the process remains the same. In this tutorial you will learn how to:
- Obtain a certificate signing request via your VPS
- Add your CSR to your registrar
- Download your SSL certificate
- Rename your SSL certificates so they make logical sense
- Create a basic directory on your server to hold your certificates
- Enable SSL module in Apache
- Write your Apache configuration file to handle the SSL requests
- Redirect non-https requests to the secure version
To begin, you will need to open your favorite open-source terminal emulator, serial console, and network file transfer application. We prefer PuTTY to administer our servers.
Ths creates the keys on your VPS Apache server
Enter the specifics about your company like the example below
State or Province Name (full name) [Some-State]:Tampa
Locality Name (eg, city) :Tampa
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Your Company
Organizational Unit Name (eg, section) :
Common Name (e.g. server FQDN or YOUR name) :yourdomain.com
Email Address :firstname.lastname@example.org
Ths creates the CSR based on the specifics you provided
Copy The Encrypted CSR shown in the image below:
Add The CSR To Your Registrar
In these steps, we are using GO Daddy as an example to illustrate the certificate signing request process. If you use another registrar, no problem. You can always contact us for assistance on this service.
You will then agree to the terms and conditions and make sure you are able to check email from the email address associated with your domain name.
Once you hit request, you will have to wait for propagation. If this is a standard SSL certificate, this propagation should only take a few minutes. On extended validation certificates, this process will take a few days and you will need to speak to your registrar on the phone to verify your business ownership.
After propagation, you will be sent an email with a link to download your certificate. Click the link and you will be brought to the certificate download page.
You will download a zip file to your computer containing your certificate files. Extract the files from the folder and take a look inside. You will see a file that has a bunch of random letters and numbers (this is your SSL certificate) the other is a file that will be called gd_bundle-g2-g1.crt (or some variant of this name) You will rename these files prior to installing them on your server in the step below.
Now you will rename these files prior to placing them on your server.
Rename the file with various letters and numbers to yourdomain.com.crt
Rename the file that has gd_bundle to yourdomain.interm.crt
Installing the Certificate
Open your FTP client and connect to your server. Create a directory called certs under your preferred root user account. Move the yourdomain.com.csr file and the yourdomain.com.key file that are under your root into this new certs directory. Now upload the newly renamed files yourdomain.com.crt and yourdomain.com.interm.crt into the certs folder.
Your certs directory should look like this:
Edit your 000-default.conf
Open your Apache sites available file. We will use 000-default.conf as an example. You may have renamed this Apache configuration file when securing your server. You will make your adjustments like this:
Ths enables SSL on your Apache Server
Ths restarts your apache server and applies the changes