What is SSL and why we need?
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. To be able to create an SSL connection a web server requires a SSL Certificate. SSL Certificates validate your website’s identity, and encrypt the information visitors send to, or receive from, your site. When you have an SSL Certificate protecting your website, your customers can rest assured that the information they enter on any secured page is private and can’t be
viewed by cyber rogue.
Most Web browsers support SSL, and many websites use the protocol to obtain confidential user information, including credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http: .
Now here is an easy-to-follow, step-by-step process for installing SSL certificate in Linux.
- Login to server with root access and install mod_ssl package it’s must be installed on server before you have to install SSL Certificate.
#yum install mod_ssl -y
- Generate CSR with SHA-2 algorithm, run the command below in terminal
# openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
Where server is the name of your server like natsav_com.key & natsav_com.csr
- Above command generate two files: Private-Key file & CSR (certificate signing request) file.
- Copy all the contents from the server.csr, including the BEGIN CERTIFICATE and END CERTIFICATE lines and paste full CSR into your SSL account or provide the CSR to the company from which you purchased the SSL certificate.
- After approved from the certificate authority (CA) you have receive your SSL certificate via authorize email in a zip file. Download and extract your zip file. This zip file contains server.crt, intermediate and Chain Bundle certificate
- Now copy the files into a directory where you want to store your SSL certificate files on your Centos / Linux server including private key certificate key.
It is mandatory that you make the directory that contains the files only readable by root.
For Example: – We are creating a location on zpanel/ Setora server
# cd /etc/pki/tls/certs/ #mkdir ssl #mv server.key /etc/pki/tls/certs/ssl/
And move all the SSL Certificate in the Location.
#cd /etc/pki/tls/certs/ssl/ #ls
OUTPUT will be show:
Server.key Server.crt Intermediate. Crt
- Now open your ssl configuration file (ssl.conf) with any text editor
# vi /etc/httpd/conf.d/ssl.conf
- Add the below lines to the SSL section of the ssl.conf (Search “ServerName example.com” and add below)
CustomLog logs/ssl.yourdomain.com.access_log combined
- Uncomment and Modify the path of the Certificate in below line which you have in ssl.conf
- Now test your Apache config before restarting apache service.
- Restart your Apache server by running the following command
#systemctl restart httpd (For CentOS / Linux 7.x) Or #service httpd restart (For CentOS / Linux 6.x)
Now your SSL certificate is installed on the Centos /Linux 6.x or 7.x Apache Server. you can check with following link https://www.sslshopper.com/ssl-checker.html.
You can check our other posts click here