All Documents
Current Document
Content is empty
If you don't find the content you expect, please try another search term
Content is empty
If you don't find the content you expect, please try another search term
Last updated:2021-03-15 15:35:24
This document describes how to install a certificate on an Apache for Linux server.
Install OpenSSL first so that Apache can support SSL.
Execute the following commands:
tar -zxf openssl-1.*.**.tar.gz // Decompress the package.
cd openssl-1.*.** // Change to the directory.
./config // Complete the configuration. It is recommended that you use the default settings.
make && make installBy default, OpenSSL is installed in the /usr/local/ssl directory.
./configure --prefix=/usr/local/apache --enable-so --enable-ssl --with-ssl=/usr/local/ssl --enable-mods-shared=all
// Complete the configuration. It is recommended that you use the dynamic compiler.
make && make install Dynamically compiling the Apache module facilitates module loading. Apache will be installed in the /usr/local/apache directory.
From the certificate issuing file, copy the server certificate content (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) to a text file and save it with server.crt as the name.
From the certificate issuing file, copy the content of the two CA certificates (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) to the same text file. Use a carriage return as the delimiter between the two certificates. Do not insert any blank line. Then, save the file as ca.crt. If there is only one CA certificate, you only need to copy and save the content of the certificate to the text file.
Open the httpd.conf file in the conf folder of the Apache installation directory. Locate the following line:
#LoadModule ssl_module modules/mod_ssl.soOpen the ssl.conf file in the conf folder in the Apache installation directory. Search for LoadModule ssl_module to locate the following lines:
#LoadModule ssl_module modules/mod_ssl.so
#Include conf/extra/httpd_ssl.confOpen the httpd-ssl.conf file in the conf/extra folder or the ssl.conf file in the conf folder in the Apache installation directory. Add or edit the following lines between <VirtualHost *:443> and </VirtualHost>:
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
SSLCertificateFile conf/server.crt # Set the server certificate path.
SSLCertificateKeyFile conf/server.key # Set the private key path for the server certificate.
#SSLCertificateChainFile conf/ca.crt # Delete the comment sign (#) at the beginning and set the CA certificate path.Go to the bin directory in the Apache installation directory and run the following commands to restart Apache:
./apachectl -k stop
./apachectl -k startAfter successfully installing the server certificate and completing configuration, back up the server certificate for further restoration.
Back up the following files:
See the procedures for installing a server certificate. After restoring a server certificate, modify the configuration files for the server certificate to take effect.
Pure Mode