SSL Tutorial #2: Configure Name-based Virtual Host for SSL on Apache with Scientific Linux 6 Web Server Installation

Notice

This tutorial targets Apache on a Scientific Linux 6 / CentOS 6 Web Server installation.
If your server uses this configuration, very little effort is needed. Otherwise more work will be required, and you should look for other tutorials.

Copy SSL cert and key to corresponding directory

Copy the SSL certificate files (*.crt) to the /etc/pki/tls/certs directory.
If your CA provides a bundle cert file (*-bundle.crt), copy it there as well.

Copy the SSL key file (*.key) to the /etc/pki/tls/private directory, the path that SSLCertificateKeyFile points to in the configuration below.

Enable name-based virtual host

Edit /etc/httpd/conf.d/ssl.conf. There should already be a line:

Listen 443

Add another line below it:

NameVirtualHost *:443

Configure your virtual host

Add a site conf file under the Apache config dir (e.g. /etc/httpd/conf.d/mysite.conf). The configuration is basically the same as for port 80, with a few additional lines.

<VirtualHost *:443>
    ServerName blog.mysite.com
    ServerAlias diary.mysite.com
    ServerAdmin admin@mysite.com
    DocumentRoot /var/www/html/mysite/blog
    ErrorLog logs/mysite_ssl_error_log
    TransferLog logs/mysite_ssl_access_log
    CustomLog logs/mysite_ssl_request_log \
    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    SSLEngine On
    SSLCertificateFile /etc/pki/tls/certs/mysite.crt
    SSLCertificateKeyFile /etc/pki/tls/private/mysite.key
    SSLCACertificateFile /etc/pki/tls/certs/myca-bundle.crt
</VirtualHost>

If you don’t have a bundle cert, delete the SSLCACertificateFile line.

That’s it!
Restart Apache and it should work.

sudo service httpd restart
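
A check worth running on the site conf file before the restart above, as an added example that is not part of the original tutorial: it reads the SSLCertificateFile/SSLCertificateKeyFile pair from each VirtualHost block, confirms both files exist, flags a key that group or other users can access, and uses openssl (if installed) to confirm the key belongs to the certificate. The function names are hypothetical, and it assumes absolute paths and one pair per block.

```shell
#!/bin/bash
# Added example (not from the original tutorial). Assumes absolute paths and
# one SSLCertificateFile/SSLCertificateKeyFile pair per <VirtualHost> block.
# Usage: audit_ssl_vhost /etc/httpd/conf.d/mysite.conf

# Print "certpath keypath" for every <VirtualHost> block in conf file $1.
vhost_pairs() {
    awk '
        { d = tolower($1); v = $2; gsub(/"/, "", v) }
        d ~ /^<virtualhost/          { cert = ""; key = "" }
        d == "sslcertificatefile"    { cert = v }
        d == "sslcertificatekeyfile" { key = v }
        d ~ /^<\/virtualhost/ && cert != "" { print cert, key }
    ' "$1"
}

# Audit conf file $1: print findings, return 1 if any check failed.
audit_ssl_vhost() {
    rc=0
    pairs=$(vhost_pairs "$1")
    [ -n "$pairs" ] || { echo "FAIL no SSLCertificateFile in $1"; return 1; }
    while read -r cert key; do
        if [ ! -r "$cert" ] || [ ! -r "$key" ]; then
            echo "FAIL missing or unreadable: $cert / $key"; rc=1; continue
        fi
        # Characters 5-10 of the ls mode string are the group/other bits.
        perms=$(ls -ld "$key" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "FAIL key accessible to group/other: $key"; rc=1
        fi
        if ! command -v openssl >/dev/null 2>&1; then
            echo "SKIP openssl not installed, pair not compared"; continue
        fi
        # Cert and key belong together when their public keys are identical.
        # "-passin pass:" stops openssl prompting; encrypted keys then FAIL.
        cpub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || cpub=""
        kpub=$(openssl pkey -in "$key" -pubout -passin pass: 2>/dev/null) || kpub=""
        if [ -z "$cpub" ] || [ "$cpub" != "$kpub" ]; then
            echo "FAIL key does not match certificate: $cert"; rc=1
        else
            echo "OK   $cert matches $key"
        fi
    done <<EOF
$pairs
EOF
    return "$rc"
}
```

A nonzero return means at least one FAIL line was printed; fix those before restarting httpd.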

See Tutorial #3 on how to add a browser exception for self-signed certs.
