Tsohost Help Centre

Table of Contents

Manually install an SSL certificate on my Apache server (CentOS)

Updated Dec 14th, 2020 at 20:29 GMT

After your certificate request is approved, you can download your certificate from the SSL manager and install it on your Apache server.

  1. Find the directory on your server where certificate and key files are stored, then upload your intermediate certificate (gd_bundle.crt or similar) and primary certificate (.crt file with randomized name) into that folder.

    • For security, you should make these files readable by root only.
  2. Find your Apache configuration file.

    • On default configurations, you can find a file named httpd.conf in the /etc/httpd folder.
    • If you have configured your server differently, you may be able to find the file with the following command: grep -i -r "SSLCertificateFile" /etc/httpd/
    • /etc/httpd/ may be replaced with the base directory of your Apache installation.
  3. Open this file with your favorite text editor.
  4. Inside your httpd.conf file, find the block.
  5. To have your site available on both secure (https) and non-secure (http) connections, make a copy of this block and paste it directly below the existing block.
  6. You can now customize this copy of the block for secure connections. Here is an example configuration:
  7. DocumentRoot /var/www/coolexampleServerName coolexample.com www.coolexample.comSSLEngine onSSLCertificateFile /path/to/coolexample.crtSSLCertificateKeyFile /path/to/privatekey.keySSLCertificateChainFile /path/to/intermediate.crt

    • Don't forget the added 443 port at the end of your server IP.
    • DocumentRoot and ServerName should match your original block.
    • The remaining/path/to/... file locations can be replaced with your custom directory and file names.
  8. First, run the following command to check your Apache configuration file for errors: apachectl configtest
  9. Confirm that the test returns a Syntax OK response. If it does not, review your configuration files.
  10. Warning: The Apache service will not start again if your config files have syntax errors.

  11. After confirming a Syntax OK response, run the following command to restart Apache:
  12. apachectl restart