Reputation: 1517
Apache SSL Certificate
I have two files:
- privkey.pem that starts with
-----BEGIN ENCRYPTED PRIVATE KEY----- - cert.pem that starts with
-----BEGIN CERTIFICATE-----
Now I should install them, but I never did this before and all related information I found (1, 2, 3) say, that I need three files:
primary.crtprivate.keyintermediate.crt
The file endings are different, but from what I found my .pom files are ok, too (only the content matters and I can rename the ending).
But what files do I have now? The primary and private? And do I miss some file? Or is it possible with only the two I have?
Upvotes: 0
Views: 259
Answers (1)
Reputation: 5819
Start with this:
SSLEngine on
SSLCertificateFile /path/to/cert.crt
SSLCertificateKeyFile /path/to/privkey.crt
This should bring the site up on SSL. While this may work with some browsers, you'd require intermediate certificates for your certificate to chain up to the Root CA to ensure your site works in all browsers.
To obtain the intermediate certificates for your site, go to What's My Chain Cert? and enter you site name. This will indicate that you are missing intermediate certificates, as expected. Use the last form field on the page to generate the intermediate certs.
Use the downloaded cert chain in the SSLCertificateChainFile directive in your Apache webserver config like this:
SSLCertificateChainFile /path/to/intermediate.crt
Once done, I suggest checking your site using an online scanner such as SSL Labs server test to ensure your certificates are properly configured and that your configuration does not expose any vulnerabilities or SSL weaknesses.
Upvotes: 2
Related Questions
- How to install SSL certificate in apache server in ubuntu
- SSL on Apache HTTP Server
- Apache - Installing SSL Cert
- SSL Certificate at a specific URL on Apache
- Apache2 SSL certificate error
- Invalid SSL certificate in Apache
- SSL certification apache
- Apache2 + OpenSSL, Certificate CA
- setting up ssl on apache2
- SSL certificate installing