0) Review how to enable SSL in Apache first: https://help.ubuntu.com/lts/serverguide/httpd.html#https-configuration
1) Generate the SSL CSR (certificate signing request) with no password:
2a) Go to http://startssl.com
2b) Click Control Panel -> Validations Wizard -> Domain Validation (you must validate your domain first)
2c) Click Control Panel -> Certificate Wizard (skip automatic generation, paste the server.csr generated from the step 1, select your domain, enter additional domain names)
3) Copy the newly created server certificate from the website to a file called server.crt
4) Download the StartSSL CA bundel from: https://www.startssl.com/certs/sub.class1.server.ca.pem
5) Copy all the new files to the /etc/ssl directory:
6) Configure Apache with the following lines:
7) Restart Apache.
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
2a) Go to http://startssl.com
2b) Click Control Panel -> Validations Wizard -> Domain Validation (you must validate your domain first)
2c) Click Control Panel -> Certificate Wizard (skip automatic generation, paste the server.csr generated from the step 1, select your domain, enter additional domain names)
3) Copy the newly created server certificate from the website to a file called server.crt
4) Download the StartSSL CA bundel from: https://www.startssl.com/certs/sub.class1.server.ca.pem
5) Copy all the new files to the /etc/ssl directory:
cp server.key server.crt server.csr sub.class1.server.ca.pem /etc/ssl
6) Configure Apache with the following lines:
SSLCertificateFile "/etc/ssl/server.crt"
SSLCertificateKeyFile "/etc/ssl/server.key"
SSLCACertificateFile "/etc/ssl/sub.class1.server.ca.pem"
7) Restart Apache.
No comments:
Post a Comment