Install SSL Apache2

Prior to these steps you have to had generated a private, public key pair. Registering them with a Ceritificate Authority is also recommended. Once you have the public, private key pair you can complete this installation. The steps to complete the installation follow.


Install private key

sudo mkdir /usr/local/ssl
sudo mkdir /usr/local/ssl/crt
sudo mkdir /usr/local/ssl/private

Open the web_server_certificate file on this drive and copy the entire contents to include the ---- at the front and the end ----- ,Copy this into a file

sudo nano public.crt

Open the intermediate_ca_certificate file on this drive and copy the entire contents to include the ---- ar the front and the end ----- , Copy this int a file

sudo nano intermediate.crt

scp the file privatekey.key file over to the server in which your are going to install it. If your installing on a local machine you won't have to do this step.

scp -i YOUSSHToken.pem /location/to/your/SSH/YOURSSH.key ubuntu@XXX.XXX.XXX.XXX:/home/ubuntu/privatekey.key
sudo mv privatekey.key /usr/local/ssl/private


Configure server

Configure the server. Modify the /etc/apache2/mods-available/ssl.conf file and add the following lines:

SSLCertificateFile /usr/local/ssl/crt/public.crt
SSLCertificateKeyFile /usr/local/ssl/private/privatekey.key
SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt

Modify sites-available

Modfy the sites-available file. Add the following:

ServerAdmin //change this to your domain

Change this to your domain. Under SSL Engine Switch add:

SSLProtocol all

Edit the following lines to this:

SSLCertificateFile /usr/local/ssl/crt/public.crt
SSLCertificateKeyFile /usr/local/ssl/private/privatekey.key
SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt

Enable the newly created defaulted sites-available file

sudo a2ensite default-ssl.conf

For reference if you want to disable another ssl site. You can using:

sudo a2dissite default-ssl.conf

Enable ssl modification

sudo a2enmod ssl

To disable the module if you want:

sudo a2dismod ssl

After you restart apache2 it will ask for the rsa key for the private key


Error Checking

If there are errors you can go to /var/log/apache2/error_log