Home / Tutorials / How to Install an SSL Certificate / How to Install an SSL Certificate on CentOS?

How to Install an SSL Certificate on CentOS

How to install an SSL Certificate on CentOS

In this guide, you will learn how to install an SSL Certificate on CentOS. If you don’t know where to buy an SSL Certificate for CentOS, please read until the end to discover the best SSL shop, and search tools for the optimal certificate.

Table of contents

  1. Generate a CSR code
  2. How to Install an SSL Certificate on CentOS 8
  3. How to Install an SSL Certificate on CentOS 7 & 6
  4. Where to buy an SSL Certificate for CentOS?

Generate a CSR code

When applying for an SSL Certificate, you need to generate a CSR (Certificate Signing Request) and send it to the Certificate Authority. The CSR is a block of text that includes up to date information about your website or organization, as well as the public key.

You have two options:

  1. Generate the CSR automatically using our CSR Generator.
  2. Follow our step-by-step tutorial on how to create a CSR on CentOS.

How to Install an SSL Certificate on CentOS 8

Step 1: Ensure that mod_ssl is installed on your system

You can check this via the following command:

rpm -qa | grep mod_ssl

If it’s not, install it with

dnf install mod_ssl

Step 2: Create the chain of your SSL certificate

It must include the private key, as well as the root, intermediate and server certificates.

cat pub-key.pem ca-chain.pem > full-chain.pem

Place the PEM file with the SSL chain in the following directory on your Apache server: /etc/pki/tls/certs

Place the private key in the /etc/pki/tls/private/ folder.

Secure your private key by making it inaccessible to other users:

chmod -R 600 /etc/pki/tls/private/

Step 3: Configure the Virtual Host block

In the configuration file for your domain (with .conf extension), insert the following block of code:


SSLEngine on
# The path to the complete chain of your SSL certificate
SSLCertificateFile /etc/pki/tls/certs/full-chain.pem
# The path to the private key
SSLCertificateKeyFile /etc/pki/tls/private/privkey.pem
# The path to the content of your website.

AllowOverride All

# The path to the content of your website
DocumentRoot /var/www/yourdomain.com
# Domain name of your website
ServerName yourdomain.com
ServerAlias yourdomain.com

Replace yourdomain.com with your actual domain name.

If you don’t have a configuration file, create it via

nano /etc/httpd/conf.d/yourdomain.conf

and place it in the /etc/httpd/conf.d/ directory.

Add HTTPS redirects to your .conf file:


ServerName yourdomain.com
ServerAlias www.yourdomain.com
Redirect "/" "https://yourdomain.com/"

Step 4: Save the changes and close the file

Step 5: Restart Apache:

systemctl restart httpd

How to Install an SSL Certificate on CentOS 7 & 6

Step 1: Download the certificates

Download the primary and intermediate certificates that you’ve obtained from your SSL provider

Step 2: Copy your SSL files to your Apache server

Make sure the .key file that you created along the CSR generation is also present on your server

Step 3: Locate and edit the httpd.conf or ssl.conf file in the Apache configuration

Uses the cp and nano commands:

# cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.BAK

# nano /etc/httpd/conf.d/ssl.conf

If one or more files are commented out, remove the # character from the starting line, and enter the absolute path according to your Apache version.

For Apache versions older than the 2.4.8 release have the following directives and path:

  • SSLCertificateFile – The path of your certificate file
  • SSLCertificateKeyFile – The path of your key file
  • SSLCertificateChainFile – The intermediate bundle path.

For Apache version 2.4.8 and higher have the following directives and path:

  • SSLCertificateFileThe path of your certificate file
  • SSLCertificateKeyFileThe path of your key file
  • SSLCertificatePathThe intermediate bundle path.

Here’s an example of your certificates’ absolute file path. You can copy-paste the code below, but make sure to specify the correct names of your files.

SSLCertificateFile /etc/httpd/conf/ssl.crt/your_leaf_certificate.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/your_domain_name.key

SSLCACertificatePath /etc/httpd/conf/ssl.chain/your_intermediate_chain.crt

Note: Remember to change the permission of the certificate key file:

# chmod 400 /etc/httpd/conf/ssl.key/your_domain_name.com.key

Step 4: Restart the Apache

Save your configuration and restart Apache to complete the SSL installation.

Where to buy an SSL Certificate for CentOS?

The best place to buy an SSL Certificate for your CentOS server is from a reputable SSL reseller such as SSL Dragon. Our prices are the lowest on the market, but there are even more benefits. We offer regular discounts and great deals on all our SSL products, and above all, stellar customer support. All our certificates are compatible with CentOS.

SSL Dragon takes care of your sensitive data security, so your website or business can thrive online!

Get an SSL certificate now

You can always use our helping tools such as SSL Wizard and Advanced Certificate Filter to find the perfect SSL product for your project.

FAQ

1. How do I know if an SSL certificate is installed on CentOS?

To check the SSL certificate on CentOS, use the following OpenSSL command:

openssl x509 -text -in certificate.crt -noout

2. Where are SSL certificates stored in CentOS?

By default, the SSL certificates on CentOS are stored in the /etc/pki/tls/certs/ directory. The private keys reside in /etc/pki/tls/private/ directory.

3. How do I download OpenSSL on CentOS?

Open SSL comes pre-installed in all Linux distributions, including CentOS. Learn more about OpenSSL and its command lines.

If you find any inaccuracies, or you have details to add to these SSL installation instructions, please feel free to send us your feedback at [email protected]. Your input would be greatly appreciated! Thank you.