Forum

How to Install an SSL Certificate on CentOS

Generate a CSR code
When applying for an SSL Certificate, you need to generate a CSR (Certificate Signing Request) and send it to the Certificate Authority. The CSR is a block of text that includes up to date information about your website or organization, as well as the public key.


You have two options:

Generate the CSR automatically using our CSR Generator.
Follow our step-by-step tutorial on how to create a CSR on CentOS.
How to Install an SSL Certificate on CentOS 8
Step 1: Ensure that mod_ssl is installed on your system
You can check this via the following command:

rpm -qa | grep mod_ssl

If it’s not, install it with

dnf install mod_ssl

Step 2: Create the chain of your SSL certificate
It must include the private key, as well as the root, intermediate and server certificates.

cat pub-key.pem ca-chain.pem > full-chain.pem

Place the PEM file with the SSL chain in the following directory on your Apache server: /etc/pki/tls/certs

Place the private key in the /etc/pki/tls/private/ folder.

Secure your private key by making it inaccessible to other users:

chmod -R 600 /etc/pki/tls/private/

Step 3: Configure the Virtual Host block
In the configuration file for your domain (with .conf extension), insert the following block of code:


SSLEngine on
# The path to the complete chain of your SSL certificate
SSLCertificateFile /etc/pki/tls/certs/full-chain.pem
# The path to the private key
SSLCertificateKeyFile /etc/pki/tls/private/privkey.pem
# The path to the content of your website.

AllowOverride All

# The path to the content of your website
DocumentRoot /var/www/yourdomain.com
# Domain name of your website
ServerName yourdomain.com
ServerAlias yourdomain.com

Replace yourdomain.com with your actual domain name.

If you don’t have a configuration file, create it via

nano /etc/httpd/conf.d/yourdomain.conf

and place it in the /etc/httpd/conf.d/ directory.

Add HTTPS redirects to your .conf file:


ServerName yourdomain.com
ServerAlias www.yourdomain.com
Redirect "/" "https://yourdomain.com/"

Step 4: Save the changes and close the file
Step 5: Restart Apache:
systemctl restart httpd

How to Install an SSL Certificate on CentOS 7 & 6
Step 1: Download the certificates
Download the primary and intermediate certificates that you’ve obtained from your SSL provider

Step 2: Copy your SSL files to your Apache server
Make sure the .key file that you created along the CSR generation is also present on your server

Step 3: Locate and edit the httpd.conf or ssl.conf file in the Apache configuration
Uses the cp and nano commands:

# cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.BAK

# nano /etc/httpd/conf.d/ssl.conf

If one or more files are commented out, remove the # character from the starting line, and enter the absolute path according to your Apache version.

For Apache versions older than the 2.4.8 release have the following directives and path:

SSLCertificateFile – The path of your certificate file
SSLCertificateKeyFile – The path of your key file
SSLCertificateChainFile – The intermediate bundle path.
For Apache version 2.4.8 and higher have the following directives and path:

SSLCertificateFile – The path of your certificate file
SSLCertificateKeyFile – The path of your key file
SSLCertificatePath – The intermediate bundle path.
Here’s an example of your certificates’ absolute file path. You can copy-paste the code below, but make sure to specify the correct names of your files.

SSLCertificateFile /etc/httpd/conf/ssl.crt/your_leaf_certificate.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/your_domain_name.key

SSLCACertificatePath /etc/httpd/conf/ssl.chain/your_intermediate_chain.crt

Note: Remember to change the permission of the certificate key file:

# chmod 400 /etc/httpd/conf/ssl.key/your_domain_name.com.key

Step 4: Restart the Apache
Save your configuration and restart Apache to complete the SSL installation.

Where to buy an SSL Certificate for CentOS?
The best place to buy an SSL Certificate for your CentOS server is from a reputable SSL reseller such as SSL Dragon. Our prices are the lowest on the market, but there are even more benefits. We offer regular discounts and great deals on all our SSL products, and above all, stellar customer support. All our certificates are compatible with CentOS.

SSL Dragon takes care of your sensitive data security, so your website or business can thrive online!

Reply to this topic Share on my timeline

0 Replies

No replies to show