1. Log into your server using the SSH command
2. Generate the CSR file and the private key for your certificate
openssl req -new -newkey rsa:4096 -nodes -keyout example.com.key -out example.com.csr
3. Fillup required information about your company to the CA. Fill in the fields as shown below:
- Country Name – enter the two-letter country code where your organization is officially registered. For the United States you’ll type “US”, for Canada “CA”.
- State or Province –type the full name of the state or province where you’re legally doing business
- City or Locality – again, provide the full name of the city where your company is located
- Organization Name – Enter your organization’s legal name; for example, (GPI Holding LLC)
- Organizational Unit Name – type “IT” or “Web Administration”.
- Common Name – Enter the fully qualified domain name (FQDN) you want to protect; for example, ssldragon.com
4. You will find two files name are example.com.key and example.com.csr in root folder
5. Copy CSR code and submit the code where to purchase SSL certificate and verify as per required
6. You will get three files from SSL provider such are example.com.crt, example.com.ca-bandle, example.com.p7b
7. Move or copy these files example.com.key, example.com.crt, example.com.ca-bandle, example.com.p7b in like /etc/ssl/example/
8. Open Apache conf file like default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /home/example/public_html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/example/example.com.crt
SSLCertificateKeyFile /etc/ssl/example/example.com.key
SSLCertificateChainFile /etc/ssl/example/example.com.ca-bundle
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
10. Run Command: a2ensite default-ssl
11. Restart Apache
