Step – 1 Create a Certificate Signing Request(CSR file)
In the DN for most servers are the following fields: Country, State (or Province), Locality (or City), Organization, Organizational Unit, and Common Name.
2. State and Locality are full names, i.e. ‘California’, ‘Los Angeles’.
3. The Organization Name is your Full Legal Company or Personal Name, as legally registered in your locality.
4. The Organizational Unit is whichever branch of your company is ordering the certificate such as accounting, marketing, etc.
5. The Common Name is the Fully Qualified Domain Name (FQDN) for which you are requesting the ssl certificate.
If you are generating a CSR for a Wildcard Certificate your common name must start with *. (for example: *.digicert.com). The wildcard character (*) will be able to assume any name that does not have a “dot” character in it.
To remain secure, certificates must use keys which are at least 2048 bits in length. If your server platform can’t generate a CSR with a 2048-bit key
first connect with server through terminal(Ctrl+Alt+T)
create a diractory name as 'SSL' in etc/apache2/
mkdir /etc/apache2/ssl cd /etc/apache2/ssl openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csrReplace yourdomain with the domain name you’re securing. For example, if your domain name is knowledgecorner.in, you would type knowledgecorner.in.key and knowledgecorner.in.csr.
Open the CSR file with a text editor and copy and paste it (including the BEGIN and END tags) into the form from where you purchase your SSL certificate.
Save (backup) the generated .key file as it will be required later for Certificate installation
chmod 400 /etc/apache2/ssl/www.yourdomain.com.keyExecute the following command to protect the signed certificate:
chmod 400 /etc/apache2/ssl/www.mydomain.com.crtStep – 2 Get the Certificate Authority Root Certificate
You will get two files. upload that two files in same folder where I’ve put my CSR and Private key i.e /etc/apache2/ssl/
Step – 3 Configure Apache to use the Signed SSL Certificate.
You need to configuration in Apache virtual hosting file(ubuntu 12.04).
So now you need to go: /etc/apache2/sites-available/default-ssl.conf
<IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin email@example.com DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> SSLCertificateFile /etc/apache2/ssl/yourdomain.com.crt SSLCertificateKeyFile /etc/apache2/ssl/yourdomain.com.key SSLCertificateChainFile /etc/apache2/ssl/gd_bundle.crt </VirtualHost> </IfModule>Basically you need to locate yourdomain.com.crt , yourdomain.com.key and gd_bundle.crt.
Now last thing you need to do is restart you apache with the following command
/etc/init.d/apache2 restart or sudo service apache2 restartYou should now be able to visit your site with SSL enabled. Congratulations!!