SSL Certificates

Installation Instructions - Apache + MODSSL

Your certificate will be sent to you by email. The email message includes the web server certificate that you purchased in the body of the email message.

Copy the certificate from the body of the email and paste it into a text editor (such as notepad) to create text files.

Firstly when your issuance email arrives it will contain your web server certificate. Copy your web server certificate into a text editor such as notepad including the header and footer.

You should then have a text file that looks like:

Text File Content

Make sure you have 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white space, extra line breaks or additional characters have been inadvertently added.

  1. Save the certificate file in your text editor as domainname.crt Note: The examples below use the following naming conventions: "Your Private Key" = "domainname.key"; "Your Web Server Certificate" = "domainname.crt"
  2. Copy the certificate to the Apache server directory in which you plan to store your certificates (by default: /usr/local/apache/conf/ssl.crt/ or /etc/httpd/conf/ssl.crt/).
  3. Open the Apache httpd.conf file in a text editor. Locate the SSL VirtualHost associated with your certificate. Verify that you have the following 2 directives within this virtual host. Please add them if they are not present:

    SSL VirtualHost Directives

    Note that some instances of Apache will store Virtual Host information in a ssl.conf file. If your httpd.conf contains no Virtual Host information then you will need to locate and amend the ssl.conf as above.

  4. Save the changes and exit the editor.
  5. Start or Restart your apache web server.

    Additional information

    Your httpd.conf should contain some or all of the following directives (for an IP based site). Those directives marked in bold are SSL related. Those directives marked in italics should only be used for troubleshooting.

    SSL VirtualHost Directives

    SSLSessionCache & SSLSessionCacheTimeout prevent known issues with Mac Internet Explorer compatibility with Apache. You are only advised to add these directives if you are experiencing Mac compatibility issues.

    SetEnvIf User-Agent fixes the Intermittant Server Errors associated with some versions of Windows Internet Explorer. You are only advised to add this directive if you are experiencing compatibility issues with old versions of Internet Explorer.
For more information about configuring Apache, please review
http://httpd.apache.org/docs-2.0/mod/mod_ssl.html

Test your certificate by using a browser to connect to your server. Use the https protocol directive (e.g. https://your server/) to indicate you wish to use secure HTTP. The padlock icon on your browser will be displayed in the locked position if your certificates are installed correctly and the server is properly configured for SSL

Return to Install Instruction List

Bookmark and Share