This article assumes that you have experience with Apache 2 and configuring Virtual Hosts in Linux or Windows.
You can download the files required to install the TLS/SSL certificate in the Apache web server from the RCL SSL Portal on the Certificate Details page.
The files required are :
- Certificate Private Key (.key)
- Primary Certificate (.crt)
- Intermediate Certificates (CA Bundle) (.crt)
Download the files to a suitable folder in your hosting machine.
wget https://url-of-the-file -O filename.extension
In Linux, you can use the
wget command to download the file. Run the command for each file you want to download.
Download the file to a folder in the hosting machine
The SSL/TLS certificate files will be stored at the path you specified in the
appsettings.json configuration file.
At this path, a folder is generated by the auto renew service based on the certificate name. All the files for the certificate will be stored in this folder.
For each certificate, the following files are downloaded and saved on the hosting machine with the following file names:
certificate.pfx- The PFX certificate file
primaryCertificate.crt- The Primary Certificate file
fullChainCertificate.crt- The full chain certificate file
caBundle.crt- The Intermediate Certificates (CA Bundle) file
privateKey.key- The Certificate Private Key file
The files are saved in a folder generated by the auto renew service based on the certificate name following these conventions :
|Type||Example Certificate Name||Example Folder Name|
|SAN HTTP Challenge||shopeneur.com,www.shopeneur.com||shopeneur-com-san-www|
|SAN DNS Challenge||shopeneur.com,*.shopeneur.com||shopeneur-com-san-wcard|
After you have obtained the certificate files, the next step is to edit your Apache configuration file to use them.
It is assumed that you have Apache 2 already installed and hosting your website on your hosting machine. In addition, you have established your own custom domain name that points to your website.
sudo a2enmod ssl
conf/httpd.conf file, change the following lines by removing the leading # sign in order to uncomment the lines:
#Loadmodule ssl_module modules/mod_ssl.so
#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
In your hosting machine, create a Virtual Host entry or file for your domain under the recommended folder. Use it to enable SSL and include the certificate files as required.
If there is a SSL default template available in your Apache server, then use the template to create the Virtual Host.
In Linux, the Virtual Host files are usually located at:
In Windows, the Virtual Host files are usually located at:
Please see the Virtual host example below:
<VirtualHost *:443> ServerAdmin firstname.lastname@example.org DocumentRoot /path/to/mysite ServerName mydomain.com ServerAlias www.mydomain.com # This is the important section SSLEngine on SSLCertificateFile /path/to/primaryCertificate.crt SSLCertificateKeyFile /path/to/privateKey.key SSLCertificateChainFile /path/to/caBundle.crt </VirtualHost>
Note : The
SSLCertificateChainFile may be named
SSLCACertificateFile in some apache installations.
You can modify the paths to match the location that you used to save your certificate files:
- SSLCertificateFile - should be your Primary Certificate file (.crt)
- SSLCertificateKeyFile - should be the Certificate Private Key file (.key)
- SSLCertificateChainFile - should be the CA Bundle (Intermediate Certificates) file (.crt)
Ensure the actual files exists at the path shown above. If the files do not exist, Apache will not be able to re-start.
Ensure the Virtual host is enabled in Apache.
Linux example command for ‘mysite.conf’ :
sudo a2ensite mysite.conf
Reload the Apache service once you’re done.
sudo systemctl reload apache2
In Windows, save the virtual host file and restart the Apache service.
Now you can confirm your domain SSL certificate using any of the SSL checker tools available. Or you can just browse the URL.