Guides and tutorials

Hundreds of tutorials and step by step guides carefully written by our support team.

How to install SSL certificate in Apache

To install an SSL certificate in Apache, we will need the following files:

  • Certificate (.crt)
  • Private key (.key)
  • Certification Authority (.ca)

You already have them? Let’s start:

  1. Copy the three files on the server. In this manual we assume that you have uploaded all three files via FTP, but you can do it in any other way.

  2. Connect to the server via SSH and access the directory where we will host the certificates: cd /etc/apache2/ssl/

  3. Create the directory corresponding to your domain and access it: mkdir minuevaweb.es cd minuevaweb.es

  4. Move the certificates in the created directory. Assuming you have uploaded them to the 'web' directory via FTP, we will move them in the following way: mv /var/www/minuevaweb.es/datos/web/certificado.crt /etc/apache2/ssl/minuevaweb.es/ mv /var/www/minuevaweb.es/datos/web/certificado.key /etc/apache2/ssl/minuevaweb.es/ mv /var/www/minuevaweb.es/datos/web/certificado.ca /etc/apache2/ssl/minuevaweb.es/

  5. Change the owner and group of certificates to root: chown root:root /etc/apache2/ssl/minuevaweb.es/certificado.crt chown root:root /etc/apache2/ssl/minuevaweb.es/certificado.key chown root:root /etc/apache2/ssl/minuevaweb.es/certificado.ca

We have already moved the certificates in the corresponding directory.

Next, we proceed to configure the VirtualHost block in Apache:

  1. Access the configuration file directory vhosts: cd /etc/apache2/sites-enabled/

  2. Edit the configuration file corresponding to the web where you are installing the SSL certificate. In this example, we use the text editor nano, but you can use any other: cd /etc/apache2/sites-enabled/

  3. We make a copy of the existing VirtualHost block below it, being duplicated (then we will make changes, do not worry):

<VirtualHost *:80>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/datos/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
</VirtualHost>

(the original file)

<VirtualHost *:80>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/datos/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
</VirtualHost>
<VirtualHost *:80>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/datos/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
</VirtualHost>

(the file with the original copy)

  1. In the second VirtualHost block, we modify the port from 80 to 443: <VirtualHost *:443>

  2. In the second VirtualHost block, we add before the end the following lines with the corresponding routes to our certificates:

        ...
        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/minuevaweb.es/certificado.crt
        SSLCertificateKeyFile /etc/apache2/ssl/minuevaweb.es/certificado.key
        SSLCACertificateFile /etc/apache2/ssl/minuevaweb.es/certificado.ca
</VirtualHost>
  1. It will be as follows:
<VirtualHost *:80>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/datos/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
</VirtualHost>
<VirtualHost *:443>
        ServerName minuevaweb.es
        ServerAlias www.minuevaweb.es
        DocumentRoot "/var/www/minuevaweb.es/datos/web"
        CustomLog /var/www/minuevaweb.es/logs/20190307.log common
        ErrorLog /var/www/minuevaweb.es/logs/error_20190307.log
        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/minuevaweb.es/certificado.crt
        SSLCertificateKeyFile /etc/apache2/ssl/minuevaweb.es/certificado.key
        SSLCACertificateFile /etc/apache2/ssl/minuevaweb.es/certificado.ca
</VirtualHost>
  1. We keep the changes made. In the text editor nano, you have to press the following key combination: Ctrl + X to save and exit Y key to confirm that you want to overwrite Enter key

  2. We check that the configuration is correct: apache2ctl -t It must appear Syntax OK. If an error appears, review the previous steps.

  3. We reload the Apache configuration so that the changes are applied: /etc/init.d/apache2 graceful

Ready! Access your website with the prefix https:// to verify that it works correctly.

If you prefer, we can perform this management for you. Request it through a ticket for technical action.

Your privacy is important for us
We use our own cookies for the proper functioning of the site. In addition, third-party cookies are used for analytical purposes only. This information is not associated with any person so that personal identifying data is not stored, but is only information that is collected to identify the session, with the aim of facilitating the analysis of the website. You can change your preferences at any time by entering this website again. For more information about our cookie policy you can visit our Cookies. You can press the "Accept and close" button to give us your consent or you can access more detailed information and manage cookies.
Your privacy is important for us
We use our own cookies for the proper functioning of the site. In addition, third-party cookies are used for analytical purposes only. This information is not associated with any person so that personal identifying data is not stored, but is only information that is collected to identify the session, with the aim of facilitating the analysis of the website. You can change your preferences at any time by entering this website again. For more information about our cookie policy you can visit our Cookies. You can press the "Accept and close" button to give us your consent or you can access more detailed information and manage cookies.