πŸš€ DevOps Certified Professional
πŸ“… Starting: 1st of Every Month 🀝 +91 8409492687 | 🀝 +1 (469) 756-6329 πŸ” Contact@DevOpsSchool.com

How to setup SSL certificate for apache

Linux
Posted on | by pradeep

Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours on Instagram and YouTube and waste money on coffee and fast food, but won’t spend 30 minutes a day learning skills to boost our careers.
Master in DevOps, SRE, DevSecOps & MLOps!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

Environment

SUSE Linux Enterprise ServerNovell Open Enterprise ServerNovell GroupWise

Situation

How to SSLize WebAccess on Linux
How to secure WebAccess using SSLGroupWise WebAccess shows untrusted certificate after pointing to 3rd party certificate using ConsoleOne for WebAccess Agent

Resolution

  1. (conditional) If not yet configured, Enable the SSL module and set the Apache Server Flags to SSL:
    • From a terminal window: edit file /etc/sysconfig/apache2
    • Verify ssl is found in the list of APACHE_MODULES.
      Note: If it is not, please run the following command, which should enable the ssl module and add it to this list:
      sudo a2enmod ssl
    • From this same file, please find APACHE_SERVER_FLAGS=”” and add SSL in between the quotations.
    • Create a virtual host for ssl by copying from the template:
      cp /etc/apache2/vhosts.d/vhost-ssl.template /etc/apache2/vhosts.d/vhost-ssl.conf
  2. Configure Apache to use new certificate files:
    • From a terminal window: cd /etc/apache2/vhosts.d/
    • Edit file vhost-ssl.conf
    • Update paths to the appropriate file(s) as needed:
      • SSLCertificateFile <directory to the cert (*.cert)>
      • SSLCertificateKeyFile <path to the private key (*.key)>
      • SSLCertificateChainFile <path to CA Chain file(s)>
      • SSLCACertificateFile <path to bundles>
    • Save and Close.
    • From a Terminal window: type rcapache2 restart and press Enter.

Additional Information

How to setup Apache using a single PEM file, if so desired.
Replace Step 2 above with the following:

  1. See TID 7013103 β€“ How to create a .pem file for SSL Certificate Installations
  2. Point Apache to the New PEM:
  1. From a terminal window: type cd /etc/apache2/vhosts.d/ and press Enter.
  2. Edit file vhost-ssl.conf
  3. Find and replace with the path to the same file:
    • SSLCertificateFile <path to the server.pem>
    • SSLCertificateChainFile <path to the server.pem>
  4. Comment out any other Certificate configuration (pem created above includes them):
    • SSLCertificateKeyFile
    • SSLCACertificateFile
  5. Save and Close.
  6. From a Terminal window: type rcapache2 restart and press Enter.
Apachessl.confvhost