Knowledge Base
How to generate a Certificate Signing Request and install an SSL certificate on Apache Server?
-
How to generate a Certificate Signing Request and install an SSL certificate on Apache Server?
Overview:
This article provides a clear, step‑by‑step walkthrough of how to generate a Certificate Signing Request (CSR) and successfully install an SSL certificate on an Apache server.
It walks through generating the CSR with OpenSSL, submitting it to a Certificate Authority, and then installing the issued certificate on the server. The article also covers how to update Apache’s configuration, restart the service, and check that HTTPS is working correctly.
Part 1: Generating a CSR and Private Key
Step 1: Generate the Private Key and CSR
There are two options:
-
Generate the CSR automatically using a CSR Generator like https://csrgenerator.com/.
-
Follow our step-by-step tutorial below on how to create the CSR on Apache.
Generating CSR and Installing SSL Certificate on Apache Server | Sectigo® Official
You'll be prompted to enter various details for your certificate. Fill in the required information accurately.
Step 2: Retrieve the CSR
Once completed, you can view and retrieve your CSR file:
Step 3: Submit CSR to CA (Certificate Authority)
Copy the entire output, including the BEGIN and END tags, and submit it to your chosen Certificate Authority (CA).
Part 2: Installing SSL Certificate on Apache
Step 1: Prepare Certificate Files
Download and extract the following files from the zip folder provided by your CA:
-
Primary SSL certificate (.crt file)
-
CA bundle file (.ca-bundle file)
If your CA bundle certificates are in separate files, combine them into a single file:
cat IntermediateCertificate1.crt IntermediateCertificate2.crt RootCertificate.crt >> bundle.crt
Step 2: Locate Apache Configuration File
Find the appropriate Apache configuration file. Common locations include:
-
/etc/httpd/conf/httpd.conf
-
/etc/apache2/apache2.conf
-
/etc/httpd/conf.d/ssl.conf
Step 3: Configure Virtual Host
Back up your current configuration file:
Edit the Virtual Host section in your configuration file:
<VirtualHost *:443>
ServerAdmin [email protected]
DocumentRoot /var/www/
ServerName www.yourdomain.com
ErrorLog /path/to/error_log
SSLEngine on
SSLCertificateFile /etc/ssl/yourdomain.crt
SSLCertificateKeyFile /etc/ssl/yourdomain.key
SSLCertificateChainFile /etc/ssl/yourdomain.ca-bundle
</VirtualHost>
Ensure all directives are uncommented (no '#' at the start of the line).
Step 4: Save and Restart Apache
Save the configuration file and restart Apache:
If Apache fails to restart, revert to the backup configuration and troubleshoot the issue.
Step 5: Test SSL Installation
Use online SSL checking tools to verify your installation and identify any potential issues or vulnerabilities.
By following these steps, you can successfully generate a CSR and install an SSL certificate on your Apache server, ensuring secure communication for your website.
Need assistance?
Contact our team for help with your purchase or issuing your certificate.
Live chat
Click the button below or click "Chat with an Expert" to start chatting with us now!
