Login
Register
Gordon State College Information Technology Help Desk Help Desk Knowledgebase
Apache Redhat SSL Certificate Request and Installation (For DigiCert)
Suggested knowledgebase articles:

Apache Redhat SSL Certificate Request and Installation (For DigiCert)

 Problem Description : 

How to install an SSL Certificate on Apache (RHEL 5)

 

 

 Resolution : 

 

WE ARE NO LONGER USING DIGICERT. SEE BEST SOLUTION TITLED 'Apache Redhat SSL Certificate Request and Installation (For Comodo)'

 

 

.

..

...

....

1. Go to https://www.digicert.com/easy-csr/openssl.htm and enter the Certificate details (example below). Press the Generate button

2. Copy the command that is generated and open PuTTy or any terminal session and connect to the apache host (i.e. osprey.gdn.edu) using the root user

3. When connected to the host paste the command into the terminal window and hit enter to generate the certificate. This will add two files to the root folder on Redhat (star_gordonstate_edu.csr and star_gordonstate_edu.key).

4. Open the star_gordonstate_edu.csr file and copy the entire contents of the file (certificate key). You can do this within the terminal window by doing a "more" on the file.

5. Log into our DigiCert account and under My Orders - click on the Order # - scroll down and click on the 'Get a Dupicate' to create another certificate for the server you are working with.

6. Paste the certificate request you copied in Step #4 - choose Apache from the Server Software area - enter the subdomains you need (i.e. www, www2, etc.) and click 'Process...'

7. It will take a few minutes for the certificate to appear at the bottom of the page. When available click on the download button which will download a zipped folder.

8. Unzip the folder on your desktop. The folder will contain two files (DigiCertCA.crt and star_gordonstate_edu.crt)

9. Using SecureShell - upload the two files to the following location on the apache host server. /etc/httpd/conf/ssl.crt

** You may need to create the ssl.crt folder **

10. Next, copy the .key file generated in Step #3 (located in the root folder) to the following location. /etc/httpd/conf/ssl.key

** You may need to create the ssl.key folder **

11. Make all of these files readable by the root only.

12. On the Apache host server - open /etc/httpd/conf.d/ssl.conf in a text editor. This file is the config file for SSL support

13. Find the VirtualHost directory for _default_:443.

 

<VirtualHost _default_:443>

 

14. Most everything should already be setup in this file however make sure that the SSLEngine switch is set to on...

 

SSLEngine on

 

15. Next, in the ssl.conf file - find the line SSLCertificateFile /etc/pki/tls/certs/localhost.crt under the Server Certificate section. Comment this line out #

16. Add the following line right below the commented line from Step #15 SSLCertificateFile /etc/httpd/conf/ssl.crt/star_gordonstate_edu.crt

17. Next, find the line SSLCertificateKeyFile /etc/pki/tls/private/localhost.key under the Server Private Key section. Comment this line out # if it isnt already

18. Add the following line right below the commented line from Step #17 SSLCertificateKeyFile /etc/httpd/conf/ssl.key/star_gordonstate_edu.key

19. Next, find the line SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt under the Server Certificate Chain section. Make sure this line is commented out #

20. Add the following line right below the commented line from Step #19 SSLCertificateChainFile /etc/httpd/conf/ssl.crt/DigiCertCA.crt

21. This should be all you need to install the certificate. Save the ssl.conf file.

22. Restart Apache

23. Test https:// for the site in your browser.

 

 

     

 

 

 

 

 Revision Date : 10/22/2013

 

Was this article helpful? Yes | No

Article Details

Article ID:
395
Category:
Knowledgebase
Rating :

Related articles