Archi FX Logo White Web Design Tampa Bay

If you were curious about what we are working on this year, check out some of our recent builds and as always, reach out to these business owners and ask about us. We are confident you'll like what you hear.

How To Install An SSL Certificate On Your VPS Running Apache

how-to-install-a-ssl-certificate-on-your-vps-web-server

How To Install An SSL Certificate On Your VPS Running Apache

If you have a VPS server, chances are you will be installing your SSL certificate using this tutorial. While the control panel and user interfaces may differ, the process remains the same. In this tutorial you will learn how to:

  • Obtain a certificate signing request via your VPS
  • Add your CSR to your registrar
  • Download your SSL certificate
  • Rename your SSL certificates so they make logical sense
  • Create a basic directory on your server to hold your certificates
  • Enable SSL module in Apache
  • Write your Apache configuration file to handle the SSL requests
  • Redirect non-https requests to the secure version

To begin, you will need to open your favorite open-source terminal emulator, serial console, and network file transfer application. We prefer PuTTY to administer our servers.

openssl req -newkey rsa:2048 -nodes -keyout yourdomain.com.key -out yourdomain.com.csr

Ths creates the keys on your VPS Apache server

Enter the specifics about your company like the example below

Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Tampa
Locality Name (eg, city) []:Tampa
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Your Company
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:yourdomain.com
Email Address []:bill@yourdomain.com
cat yourdomain.com.csr

Ths creates the CSR based on the specifics you provided

Copy The Encrypted CSR shown in the image below:

CSR Example

Add The CSR To Your Registrar

In these steps, we are using GO Daddy as an example to illustrate the certificate signing request process. If you use another registrar, no problem. You can always contact us for assistance on this service.

Paste CSR Here

Paste CSR Here

You will then agree to the terms and conditions and make sure you are able to check email from the email address associated with your domain name.

agree-to-domain-ownership

Once you hit request, you will have to wait for propagation. If this is a standard SSL certificate, this propagation should only take a few minutes. On extended validation certificates, this process will take a few days and you will need to speak to your registrar on the phone to verify your business ownership.

Pending Verification

After propagation, you will be sent an email with a link to download your certificate. Click the link and you will be brought to the certificate download page.

Download your SSL certificate

Select Apache Server Type

You will download a zip file to your computer containing your certificate files. Extract the files from the folder and take a look inside. You will see a file that has a bunch of random letters and numbers (this is your SSL certificate) the other is a file that will be called gd_bundle-g2-g1.crt (or some variant of this name) You will rename these files prior to installing them on your server in the step below.

Certificate Files

Now you will rename these files prior to placing them on your server.
Rename the file with various letters and numbers to yourdomain.com.crt
Rename the file that has gd_bundle to yourdomain.interm.crt

Rename your SSL certificate

Installing the Certificate

Open your FTP client and connect to your server. Create a directory called certs under your preferred root user account. Move the yourdomain.com.csr file and the yourdomain.com.key file that are under your root into this new certs directory. Now upload the newly renamed files yourdomain.com.crt and yourdomain.com.interm.crt into the certs folder.

Your certs directory should look like this:

Keys

Edit your 000-default.conf

Open your Apache sites available file. We will use 000-default.conf as an example. You may have renamed this Apache configuration file when securing your server. You will make your adjustments like this:

V Host

sudo a2enmod ssl

Ths enables SSL on your Apache Server

service apache2 restart

Ths restarts your apache server and applies the changes

Enjoy!



Call Now

Client Application