How to Install an SSL Certificate on Ubuntu Server

Last updated on by Dionisie Gitlan

In this tutorial, you will learn how to install an SSL certificate on Ubuntu with Apache. The later paragraphs include SSL buying recommendations for an Ubuntu Server.

Install an SSL Certificate on Ubuntu Server

Table of Contents

  1. Generate a CSR code
  2. Install an SSL Certificate on Ubuntu Servers
  3. Where to buy an SSL Certificate for Ubuntu Server?

We also recorded a video that walks you through the entire process of installing an SSL certificate in Ubuntu:

If you prefer the text version of the tutorial, keep reading below:

Generate a CSR code

We’ll begin with CSR (Certificate Signing Request) code generation. A CSR is a request sent to a Certificate Authority to apply for a digital certificate.

You have two options:

  1. Use our CSR Generator to create the CSR automatically
  2. Follow our step-by-step tutorial on how to generate CSR in Ubuntu

Open a text editor such as Notepad to copy the CSR file and submit it to the Certificate Authority during your order process.

After your CA validates the CSR and issues the SSL certificate, you can proceed to the Ubuntu SSL installation instructions.

Install an SSL Certificate in Ubuntu Server

Follow the steps below to install your SSL certificate on Ubuntu. Ensure you don’t skip anything.

Step 1: Copy your certificate files to your server

Once you’ve completed the validation process, the Certificate Authority will send the SSL certificate files via email. Download the archived folder, and extract the server and intermediate certificates or CA Bundle. Upload them to the Ubuntu server in a specific directory.

You should have the following files ready for upload:

  • certificate.crt
  • Ca-bundle.crt
  • Private.key

Copy your certificate files to a directory on your server. By default, this directory is /etc/ssl/ for your certificate.crt and ca_bundle.crt files, and /etc/ssl/private/ for your private.key file.

Step 2: Edit the Apache.config file

Its usual location is in /etc/apache2/sites-enabled/your_site_name. If you don’t find it there, run the following command:

sudo a2ensite your_site_name

Open the Apache.config file with a text editor of your choice.

Note: To access your site via both HTTP and HTTPS, you must separate two different files in the sites-enabled folder. The HTTP file is for port 80, while the HTTPS one is for port 443.

Step 3: Configure the Virtual Host block

This action will make your site accessible only via the secure HTTPS protocol. Your default Virtual Host block contains the following lines of code:

DocumentRoot /var/www/site
ServerName www.yourdomain.com
SSLEngine on
SSLCertificateFile /path/to/yourdomain.crt
SSLCertificateKeyFile /path/to/yourdomain.key
SSLCertificateChainFile /path/to/yourdomain.crt

Adjust the Virtual Host block according to your SSL certificate details:

  • In the SSLCertificate File parameter update the location of your SSL certificate file
  • In the SSLCertificateKeyFile parameter, enter the location of the private key file you created during the CSR generation.
  • In the SSLCertificateChainFile parameter, provide the location of the intermediate certificate file or CA bundle. (What is the CA Bundle and where to find it?).

Note: If the SSLCertificateFile directive doesn’t work, use the SSLCACertificateFile instead.

Double-check the Virtual Host block, and save the .config file.

Step 4: Test your new .config file

Run the apachectlConfigtest command to test your new .config file for potential errors. If something is wrong with your configuration, you may need to go back and repeat the previous installation steps. If it works correctly, continue with the final step.

Step 5: Restart the Apache

Use the apach ectl stop and apa chectl start commands to restart the Apache.

Congratulations! You have successfully installed your SSL certificate on your Ubuntu server. To further test your SSL installation, and receive instant status reports, use these highly recommended SSL tools.

Where to Buy an SSL Certificate for Ubuntu Server?

SSL dragon is your one-stop place for all your SSL needs. We offer the lowest prices on the market for the entire range of our SSL products. We’ve partnered with the best SSL brands in the industry to offer you high-end SSL security and dedicated support. All our SSL certificates are compatible with Ubuntu servers.

Get an SSL certificate now

Frequently Asked Questions

How do I know if an SSL certificate is installed on Ubuntu?

You can check if an SSL certificate is installed on Ubuntu via the following command:

sudo update-ca-certificates

Copy Link

Where do I put the SSL certificate in Ubuntu?

The path for SSL certificates is the /etc/ssl/certs/ directory on your server. Your private key files go to /etc/ssl/privateThese are default locations, but you can change them depending on your configuration.

Copy Link

Where is the Apache .config file located?

By default, the Apache .config file resides in /etc/apache2/sites-enabled/your_site_name. If you don’t find it there, run the following command:

sudo a2ensite your_site_name

Copy Link

Save 10% on SSL Certificates when ordering today!

Fast issuance, strong encryption, 99.99% browser trust, dedicated support, and 25-day money-back guarantee. Coupon code: SAVE10

Save 10% Now!
Written by

Experienced content writer specializing in SSL Certificates. Transforming intricate cybersecurity topics into clear, engaging content. Contribute to improving digital security through impactful narratives.

How to Install SSL
Linux Platforms
Tutorials