Generate a CSR code
When applying for an SSL Certificate, you need to generate a CSR (Certificate Signing Request) and send it to the Certificate Authority. The CSR is a block of text that includes up to date information about your website or organization, as well as the public key.
You have two options:
Generate the CSR automatically using our CSR Generator.
Follow our step-by-step tutorial on how to create a CSR on CentOS.
How to Install an SSL Certificate on CentOS 8
Step 1: Ensure that mod_ssl is installed on your system
You can check this via the following command:
rpm -qa | grep mod_ssl
If it’s not, install it with
dnf install mod_ssl
Step 2: Create the chain of your SSL certificate
It must include the private key, as well as the root, intermediate and server certificates.
cat pub-key.pem ca-chain.pem > full-chain.pem
Place the PEM file with the SSL chain in the following directory on your Apache server: /etc/pki/tls/certs
Place the private key in the /etc/pki/tls/private/ folder.
Secure your private key by making it inaccessible to other users:
chmod -R 600 /etc/pki/tls/private/
Step 3: Configure the Virtual Host block
In the configuration file for your domain (with .conf extension), insert the following block of code:
SSLEngine on
# The path to the complete chain of your SSL certificate
SSLCertificateFile /etc/pki/tls/certs/full-chain.pem
# The path to the private key
SSLCertificateKeyFile /etc/pki/tls/private/privkey.pem
# The path to the content of your website.
AllowOverride All
# The path to the content of your website
DocumentRoot /var/www/yourdomain.com
# Domain name of your website
ServerName yourdomain.com
ServerAlias yourdomain.com
Replace yourdomain.com with your actual domain name.
If you don’t have a configuration file, create it via
nano /etc/httpd/conf.d/yourdomain.conf
and place it in the /etc/httpd/conf.d/ directory.
Add HTTPS redirects to your .conf file:
ServerName yourdomain.com
ServerAlias www.yourdomain.com
Redirect "/" "https://yourdomain.com/"
Step 4: Save the changes and close the file
Step 5: Restart Apache:
systemctl restart httpd
How to Install an SSL Certificate on CentOS 7 & 6
Step 1: Download the certificates
Download the primary and intermediate certificates that you’ve obtained from your SSL provider
Step 2: Copy your SSL files to your Apache server
Make sure the .key file that you created along the CSR generation is also present on your server
Step 3: Locate and edit the httpd.conf or ssl.conf file in the Apache configuration
Uses the cp and nano commands:
# cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.BAK
# nano /etc/httpd/conf.d/ssl.conf
If one or more files are commented out, remove the # character from the starting line, and enter the absolute path according to your Apache version.
For Apache versions older than the 2.4.8 release have the following directives and path:
SSLCertificateFile – The path of your certificate file
SSLCertificateKeyFile – The path of your key file
SSLCertificateChainFile – The intermediate bundle path.
For Apache version 2.4.8 and higher have the following directives and path:
SSLCertificateFile – The path of your certificate file
SSLCertificateKeyFile – The path of your key file
SSLCertificatePath – The intermediate bundle path.
Here’s an example of your certificates’ absolute file path. You can copy-paste the code below, but make sure to specify the correct names of your files.
SSLCertificateFile /etc/httpd/conf/ssl.crt/your_leaf_certificate.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/your_domain_name.key
SSLCACertificatePath /etc/httpd/conf/ssl.chain/your_intermediate_chain.crt
Note: Remember to change the permission of the certificate key file:
# chmod 400 /etc/httpd/conf/ssl.key/your_domain_name.com.key
Step 4: Restart the Apache
Save your configuration and restart Apache to complete the SSL installation.
Where to buy an SSL Certificate for CentOS?
The best place to buy an SSL Certificate for your CentOS server is from a reputable SSL reseller such as SSL Dragon. Our prices are the lowest on the market, but there are even more benefits. We offer regular discounts and great deals on all our SSL products, and above all, stellar customer support. All our certificates are compatible with CentOS.
SSL Dragon takes care of your sensitive data security, so your website or business can thrive online!