Contact us at |support@ssldragon.com
  • Insttall an ssl certificate on centos

How to install an SSL Certificate on CentOS?

Thursday, January 17th, 2019

In this guide, you will learn how to install an SSL Certificate on CentOS. Since no SSL installation goes without a certificate signing request, we’ve also included step by step instructions on how to generate a CSR code in CentOS. For the most curious minds, we’ve added a historical overview of CentOS. And, if you don’t know where to buy an SSL Certificate for CentOS, stick till the end to find the best place and searching tools for your ideal certificate.

How to generate a CSR code in CentOS?
Install an SSL certificate on CentOS
CentOS History and Versions
Where to buy an SSL Certificate for CentOS?

How to generate a CSR code in CentOS?

When applying for an SSL Certificate, you need to generate a CSR (Certificate Signing Request) and send it to the Certificate Authority. The CSR is a block of text that includes up to date information about your website or organization, as well as the public key. You can generate the CSR straight from your server. Please follow the instructions below:

  1. Log into your server using the secure shell (SSH)
  2. Type the following command at the prompt:
    openssl req -new -newkey rsa:2048 -nodes -keyout mydomain.key -out mydomain.csr
  3. Make sure you replace mydomain with your actual domain name. For example, if your domain name is example.com, you must enter example.key and example.csr
  4. Next, you need to submit details about your organization to the CA
    • Country Name – Use the two-letter abbreviation for the country where your organization is officially registered. For example, if it is registered in the United States, enter “US”, if in the United Kingdom, type “UK”
    • State or Provence – Enter the full name of the state or province where your organization is registered
    • City or Locality –Enter the full name of the city where your organization is located
    • Organization Name – If you’re applying for a Business Validation or Extended Validation certificate, enter your company’s legal name. If you’re applying for a Domain Validation certificate, use your full name instead
    • Organizational Unit Name – Here you can enter your DBA (doing as business) name if applicable. Alternatively, you can specify the department that manages the SSL certificates. For example, “IT” or “Web Administration”
    • Common Name – Enter the fully qualified domain name (FQDN) you want to secure. (e.g. ssldragon.com)

      Note: If you’re applying for a Wildcard SSL certificate, you must add an asterisk in front of your domain name. For example, *.ssldragon.com. Do not include “https” or any other characters in this field.

  5. Email address – Enter a valid email address as a means of contact for your domain
  6. Password – This field is optional. You may further secure your SSL certificate with a password, or you can leave this field blank.

That’s it. Your CSR code is ready! You can find it in your working directory with the “ls” command. The two new files are yourdomainname.csr, and yourdomainame.key.  The .csr file contains the certificate signing request that you’ll need to submit to the Certificate Authority when ordering your SSL Certificate. Next, we’re going to install an SSL certificate on CentOS.

Install an SSL certificate on CentOS

Using the method below, you can install an SSL certificate on CentOS 7 & 6.

  1. Download the primary and intermediate certificates that you’ve received from your SSL provider
  2. Copy your SSL files to your Apache server. Make sure the .key file that you created along the CSR generation is also present on your server
  3. Now, you need to locate and edit the httpd.conf or ssl.conf file in the Apache configuration. Uses the “cp” and “nano” commands:
    # cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.BAK
    # nano /etc/httpd/conf.d/ssl.conf
  4. If one or more files are commented out, remove the # character from the starting line, and enter the absolute path according to your Apache version
    Apache versions older than the 2.4.8 release have the following directives and path:

    • SSL Certificate file – The path of your certificate file
    • SSLCertificate KeyFile – The path of your key file
    • SSLCertificate ChainFile – The intermediate bundle path.

    Apache version 2.4.8 and higher have the following directives and path:

    • SSL Certificate file – The path of your certificate file
    • SSLCertificate KeyFile – The path of your key file
    • SSLCertificate Path – The intermediate bundle path.
      Here’s an example of your certificates’ absolute file path. You can copy-paste the code below, but make sure to specify the correct names of your files.
      SSLCertificateFile /etc/httpd/conf/ssl.crt/your_leaf_certificate.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/your_domain_name.key SSLCACertificatePath /etc/httpd/conf/ssl.chain/your_intermediate_chain.crt

      Note: Remember to change the permission of the certificate key file:
      # chmod 400 /etc/httpd/conf/ssl.key/your_domain_name.com.key

  5. Save your configuration and restart Apache to complete the SSL installation.

CentOS History and Versions

CentOS stands for Community Enterprise Operating System, a Linux distribution that offers a free, enterprise computing platform to desktop computers, workstations, mainframes, and servers. The first CentOS version, released on May 14, 2014 was forked from Red Hat Enterprise Linux (RHEL) version 2.1AS. CentOS stayed with RHEL until January 2014, when it officially joined Red Hat and became independent from RHEL.

The latest versions of CentOS, officially support only the x86-64 architecture; however, AltArch releases also include IA-32 architecture. Listed below are all the major CentOS releases:

  • CentOS 2.1 – released on 14 May 2004. Supports IA-31 architecture
  • CentOS 3.1 – released on 19 March 2004. Supports IA-32, x86-64, IA-64, s390, s390x architectures
  • CentOS 4 – released on 9 March 2005. Supports IA-32, x86-64, and various architectures
  • CentOS 5 – released on 12 April 2007. Supports IA-32, x86-64 architectures
  • CentOS 6 – released on 10 July 2011. Supports IA-32, x86-64 architectures
  • CentOS 7 – released on 7 July 2014. Supports x86-64 architectures.

CentOS provides full updates only for its latest versions, 7.0 and higher. CentOS version 6 receives only maintenance updates, while other older versions are not supported anymore.

Where to buy an SSL Certificate for CentOS?

The best place to buy an SSL Certificate for your CentOS server is from a reputable SSL reseller such as SSL Dragon. Our prices are the lowest on the market, but there are even more benefits. We offer regular discounts and great deals on all our SSL products, and above all, stellar customer support. All our certificates are compatible with CentOS, and you can always use our helping tools such as SSL Wizard and Advanced Certificate Filter to find the perfect SSL product for your project. We offer the following types of certificates:

SSL Dragon takes care of your sensitive data security, so your website or business can thrive online!

If you find any inaccuracies, or you have details to add to these SSL installation instructions, please feel free to send us your feedback at [email protected]. Your input would be greatly appreciated! Thank you.