Start FileCloud FREE Trial
Log in

Install an SSL certificate on Linux

It’s important to use SSL any time sensitive data is involved such as personal information, and authentication credentials such as passwords.
Your Linux system should be:

  • running Ubuntu or RHEL
  • accessible over the internet
  • using a valid DNS entry that points to your Linux system

  1. Copy the SSL certificate provided by your certification provider and SSL private key file to the apache directory. The certificate file is renamed as server.crt and private key file is renamed as server.key

    etcssl=/etc/apache2/ssl # for Ubuntu
etcssl=/etc/httpd/ssl   # for RHEL
sudo mkdir -p $etcssl
sudo cp server.crt $etcssl
sudo cp server.key $etcssl

  2. If your signed certificate needs a certificate chain file containing all the intermediate certificates, then you need to install the certificate chain file as well. 

    sudo echo >> $etcssl/server.crt
sudo cat server-ca.crt >> $etcssl/server.crt

  3. Modify your webserver configuration. ServerName must match the server name in the SSL certificate.

    Ubuntu 22.04 or higher: Add this code to /etc/apache2/sites-enabled/000-default-conf

    Ubuntu 22.04 or higher
    <VirtualHost *:443>
# Admin email, Server Name (domain name) and any aliases
 ServerAdmin support@xyz.com
 ServerName server1.xyz.com
# Index file and Document Root (where the public files are located)
 DirectoryIndex index.php
DocumentRoot /var/www/html
 <Directory /var/www/html>
 Options Indexes FollowSymLinks MultiViews
 AllowOverride All
 Order allow,deny
 allow from all
 </Directory>

 ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
 # alert, emerg.
 LogLevel warn
 CustomLog ${APACHE_LOG_DIR}/access.log combined

 SSLEngine On
 SSLCertificateFile /etc/apache2/ssl/server.crt
 SSLCertificateKeyFile /etc/apache2/ssl/server.key
 
</VirtualHost>


    RHEL 9.0 or higher: Replace the SSLCertificateFile and SSLCertificateKeyFile lines in /etc/httpd/conf.d/ssl.conf with the following:

    RHEL 9.0 or higher
    SSLCertificateFile /etc/httpd/ssl/server.crt
SSLCertificateKeyFile /etc/httpd/ssl/server.key

  4. Restart Apache.

    sudo systemctl restart apache2 # for Ubuntu
sudo systemctl restart httpd   # for RHEL