SSL Certificates Help

Manually install an SSL certificate on my Apache server (CentOS)


Not the right server type? Go back to the list of installation instructions.

After your certificate request is approved, you can download your certificate from the SSL manager and install it on your Apache server. If your server is running Ubuntu instead of CentOS, please see Manually install an SSL certificate on my Apache server (Ubuntu).

  1. Find the directory on your server where certificate and key files are stored, then upload your intermediate certificate (gd_bundle.crt or similar) and primary certificate (.crt file with randomized name) into that folder.
    • For security, you should make these files readable by root only.
  2. Find your Apache configuration file.
    • On default configurations, you can find a file named httpd.conf in the /etc/httpd folder.
    • If you have configured your server differently, you may be able to find the file with the following command:
    • grep -i -r "SSLCertificateFile" /etc/httpd/
      • /etc/httpd/ may be replaced with the base directory of your Apache installation.
  3. Open this file with your favorite text editor.
  4. Inside your httpd.conf file, find the <VirtualHost> block.
  5. To have your site available on both secure (https) and non-secure (http) connections, make a copy of this block and paste it directly below the existing <VirtualHost> block.
  6. You can now customize this copy of the <VirtualHost> block for secure connections. Here is an example configuration:
  7. <VirtualHost xxx.xxx.x.x:443>
    	DocumentRoot /var/www/coolexample
    	ServerName coolexample.com www.coolexample.com
    		SSLEngine on
    		SSLCertificateFile /path/to/coolexample.crt
    		SSLCertificateKeyFile /path/to/privatekey.key
    		SSLCertificateChainFile /path/to/intermediate.crt
    </VirtualHost>
    • Don't forget the added 443 port at the end of your server IP.
    • DocumentRoot and ServerName should match your original <VirtualHost> block.
    • The remaining/path/to/... file locations can be replaced with your custom directory and file names.
  8. First, run the following command to check your Apache configuration file for errors:
  9. apachectl configtest
  10. Confirm that the test returns a Syntax OK response. If it does not, review your configuration files.
  11. Warning: The Apache service will not start again if your config files have syntax errors.

  12. After confirming a Syntax OK response, run the following command to restart Apache:
  13. apachectl restart

Note: As a courtesy, we provide information about how to use certain third-party products, but we do not endorse or directly support third-party products and we are not responsible for the functions or reliability of such products. Third-party marks and logos are registered trademarks of their respective owners. All rights reserved.