How to setup SSL certificate for apache

Limited Time Offer!

For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!

Enroll Now

Environment

SUSE Linux Enterprise ServerNovell Open Enterprise ServerNovell GroupWise

Situation

How to SSLize WebAccess on Linux
How to secure WebAccess using SSLGroupWise WebAccess shows untrusted certificate after pointing to 3rd party certificate using ConsoleOne for WebAccess Agent

Resolution

  1. (conditional) If not yet configured, Enable the SSL module and set the Apache Server Flags to SSL:
    • From a terminal window: edit file /etc/sysconfig/apache2
    • Verify ssl is found in the list of APACHE_MODULES.
      Note: If it is not, please run the following command, which should enable the ssl module and add it to this list:
      sudo a2enmod ssl
    • From this same file, please find APACHE_SERVER_FLAGS=”” and add SSL in between the quotations.
    • Create a virtual host for ssl by copying from the template:
      cp /etc/apache2/vhosts.d/vhost-ssl.template /etc/apache2/vhosts.d/vhost-ssl.conf
  2. Configure Apache to use new certificate files:
    • From a terminal window: cd /etc/apache2/vhosts.d/
    • Edit file vhost-ssl.conf
    • Update paths to the appropriate file(s) as needed:
      • SSLCertificateFile <directory to the cert (*.cert)>
      • SSLCertificateKeyFile <path to the private key (*.key)>
      • SSLCertificateChainFile <path to CA Chain file(s)>
      • SSLCACertificateFile <path to bundles>
    • Save and Close.
    • From a Terminal window: type rcapache2 restart and press Enter.

Additional Information

How to setup Apache using a single PEM file, if so desired.
Replace Step 2 above with the following:

  1. See TID 7013103 – How to create a .pem file for SSL Certificate Installations
  2. Point Apache to the New PEM:
  1. From a terminal window: type cd /etc/apache2/vhosts.d/ and press Enter.
  2. Edit file vhost-ssl.conf
  3. Find and replace with the path to the same file:
    • SSLCertificateFile <path to the server.pem>
    • SSLCertificateChainFile <path to the server.pem>
  4. Comment out any other Certificate configuration (pem created above includes them):
    • SSLCertificateKeyFile
    • SSLCACertificateFile
  5. Save and Close.
  6. From a Terminal window: type rcapache2 restart and press Enter.