{"id":592,"date":"2017-03-10T15:35:33","date_gmt":"2017-03-10T15:35:33","guid":{"rendered":"http:\/\/sls.gmu.edu\/web\/?p=592"},"modified":"2017-03-22T20:03:01","modified_gmt":"2017-03-22T20:03:01","slug":"installing-an-ssl-certificate-on-apache","status":"publish","type":"post","link":"https:\/\/sls.gmu.edu\/web\/2017\/03\/10\/installing-an-ssl-certificate-on-apache\/","title":{"rendered":"Installing an SSL Certificate on Apache"},"content":{"rendered":"<p>DigiCert:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.digicert.com\/csr-creation-apache.htm\">How to create a CSR (Certificate Signing Request)<\/a><\/li>\n<li><a href=\"https:\/\/www.digicert.com\/ssl-certificate-installation-apache.htm\">How to install SSL Certificate on Apache<\/a><\/li>\n<\/ul>\n<p>Godaddy:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.godaddy.com\/help\/apache-generate-csr-certificate-signing-request-5269\">Apache: Generate CSR (Certificate Signing Request)<\/a><\/li>\n<li><a href=\"https:\/\/www.godaddy.com\/help\/apache-install-a-certificate-centos-5238\"> Install a certificate (CentOS)<\/a><\/li>\n<\/ul>\n<p>Guide:<\/p>\n<ul>\n<li><a href=\"https:\/\/movingtohttps.com\/\">Moving to HTTPS<\/a><\/li>\n<\/ul>\n<p>Once a certificate and key have been purchased and generated, you will need to upload the files to your server.<\/p>\n<p>If FTP is enabled on the server I would recommend <a href=\"https:\/\/filezilla-project.org\/\">Filezilla<\/a> or <a href=\"https:\/\/cyberduck.en.softonic.com\/\">CyberDuck<\/a> FTP Clients to upload your files.<\/p>\n<p>Once the files are uploaded, SSH into the server and <code>sudo mv<\/code> the files into the \/etc\/ssl\/ directory. <\/p>\n<p>Next, setup your virtual host for port 443. Before you get started, make sure your server has an SSL Engine. If not, you may need to install <a href=\"http:\/\/httpd.apache.org\/docs\/current\/mod\/mod_ssl.html\">mod_ssl<\/a>. To run the mod_ssl install command use the following code:<\/p>\n<p><code>yum install mod_ssl<\/code><\/p>\n<p>Now you will be able to setup the virtual host by configuring the Apache mod_ssl module. On a standard install, the file may be located at \/etc\/httpd\/conf.d\/ssl.conf.<\/p>\n<p>The default file will have a number of instructions interspersed between lines of code. The most important lines of code will need to be edited with your server and sites information. See below: (be sure to remove quote marks when entering your information)<\/p>\n<p><code><br \/>\n<VirtualHost \"Site IP\":443><br \/>\n    ...<br \/>\n    SSLEngine on<br \/>\n    SSLCertificateFile      \"\/etc\/ssl\/signed certificate\"<br \/>\n    SSLCertificateChainFile \"\/etc\/ssl\/intermediate_certificate\"<br \/>\n    SSLCertificateKeyFile   \"\/etc\/ssl\/private\/key\"<\/p>\n<p>    # Uncomment the following directive when using client certificate authentication<br \/>\n    #SSLCACertificateFile    \/path\/to\/ca_certs_for_client_authentication<\/p>\n<p>    ...<br \/>\n<\/VirtualHost><\/code><\/p>\n<p>Test your Apache configuration using the following command:<\/p>\n<p><code>apachectl configtest<\/code><\/p>\n<p>If no errors have occurred, restart Apache to complete the SSL configuration. Use the following command:<\/p>\n<p><code><br \/>\napachectl stop<br \/>\napachectl start<\/code><\/p>\n<p>Your website will now have a green padlock when using the HTTPS protocol. To redirect all non secure traffic automatically to HTTPS, edit your site&#8217;s non-secure port 80 Virtual Host.<\/p>\n<p>On a standard install, this file would be found in \/etc\/httpd\/. Edit the virtual host using the following (be sure to remove quote marks):<\/p>\n<p><code><VirtualHost \"Site's IP\":80><br \/>\n   ServerName \"Site's url (don't include protocol) ex: mysite.example.com\"<br \/>\n   DocumentRoot \"Site files directory ex: \/var\/www\/html\/site\"<br \/>\n   Redirect permanent \/secure \"Site's url with new secure protocol https:\/\/mysite.example.com\/\"<br \/>\n<\/VirtualHost><br \/>\n<\/code><\/p>\n<p>Restart Apache and you&#8217;re all set.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>DigiCert: How to create a CSR (Certificate Signing Request) How to install SSL Certificate on Apache Godaddy: Apache: Generate CSR (Certificate Signing Request) Install a certificate (CentOS) Guide: Moving to HTTPS Once a certificate and key have been purchased and generated, you will need to upload the files to your server. If FTP is enabled &hellip; <a href=\"https:\/\/sls.gmu.edu\/web\/2017\/03\/10\/installing-an-ssl-certificate-on-apache\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Installing an SSL Certificate on Apache&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[9],"tags":[],"class_list":["post-592","post","type-post","status-publish","format-standard","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/sls.gmu.edu\/web\/wp-json\/wp\/v2\/posts\/592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sls.gmu.edu\/web\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sls.gmu.edu\/web\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sls.gmu.edu\/web\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sls.gmu.edu\/web\/wp-json\/wp\/v2\/comments?post=592"}],"version-history":[{"count":0,"href":"https:\/\/sls.gmu.edu\/web\/wp-json\/wp\/v2\/posts\/592\/revisions"}],"wp:attachment":[{"href":"https:\/\/sls.gmu.edu\/web\/wp-json\/wp\/v2\/media?parent=592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sls.gmu.edu\/web\/wp-json\/wp\/v2\/categories?post=592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sls.gmu.edu\/web\/wp-json\/wp\/v2\/tags?post=592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}