Steps for installing SSL certificate in Linux

December 1, 2008
Fuad

Here is a complete process of installing SSL certificate in Linux box which run in Amazon EC2 instance and served by Apache. I will also provide suggestion to show how homepage can be served in https while invoking the default page.

I tested with:

1. Linux version 2.6.16 (Red Hat 4.0.1-5)

2. Apache 2

You will need an installed copy of OpenSSL in the box. It is installed by default with Apache2. If you do not have it installed you should install it from http://www.openssl.org/

So here are the steps:

1. Generating a private key

To create a private key Go to /etc/apache2/conf.d and use the following command:

/usr/bin/openssl genrsa –rand /dev/urandom –out /etc/apache2/conf.d/server.key

Hence a private key file named “server.key” will be generated at the /etc/apache2/conf.d

2. Generating CSR (certificate signing request)

For creating a file named server.csr at the same directory the following command should be written:

/usr/bin/openssl req –new –key /etc/apache2/conf.d/server.key –out /etc/apache2/conf.d/server.csr

After proving this command some information should be provided. A CSR file will be generated after this one.

3. Creating a Certificate

You can generate a Commercially Signed Certificate file from any Commercially Signed Authority by providing the private key and csr.

4. Installing the certificate

Go to /etc/apache2/sites-available/default and add the following configuration:

SSLEngine on
SSLCertificateFile /etc/apache2/SSL_Files/abc.crt
SSLCertificateKeyFile /etc/apache2/SSL_Files/abc.key
SSLCertificateChainFile /etc/apache2/SSL_Files/gd_bundle.crt

Make sure that port 443 is open.

That’s it!! Now your certificate is installed in the server.

Contributor: Fuad Bin Omar, COO, Nascenia

1 Comment. Leave new

Thanks for the info Faud. I am still in the process of learning how to install ssl certificate and decided to use SSL 247 as I needed to get my website ready as soon as possible. I am venturing into online retail and obviously needed security for my customers when they make a payment.

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.