This article assumes that you have experience with Apache and configuring Virtual Hosts in Linux or Windows.
You can download the files required to install the TLS/SSL certificate in the Apache web server from the RCL Portal on the Certificate Details page.
You can also use the RCL CertificateBot to automatically renew and download the files required to install the TLS/SSL certificate in the Apache web server.
The files required are :
- Certificate Private Key (.key)
- Primary Certificate (.crt)
- Intermediate Certificates (CA Bundle) (.crt)
After you have downloaded the certificate files, the next step is to edit your Apache configuration file to use them.
Ensure the SSL module is enabled in apache.
Linux Command :
sudo a2enmod ssl
In Windows :
httpd.conf file, change the following lines by removing the leading # sign in order to uncomment the lines:
#Loadmodule ssl_module modules/mod_ssl.so
#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
In your server, create a Virtual Host entry or file for your domain under the recommended folder. Use it to enable SSL and include the certificate files as required. (If there is a SSL default template available in your apache server, then use the template to create the Virtual Host). In Windows, edit the
Please see the Virtual host example below:
<VirtualHost *:443> ServerAdmin firstname.lastname@example.org DocumentRoot /path/to/mysite ServerName mydomain.com # This is the important section SSLEngine on SSLCertificateFile /path/to/primaryCertificate.crt SSLCertificateKeyFile /path/to/privateKey.key SSLCertificateChainFile /path/to/caBundle.crt </VirtualHost>
You can modify the names of the files and paths to match the location and filename that you used to save your certificate files:
- SSLCertificateFile - should be your Primary Certificate file (.crt)
- SSLCertificateKeyFile - should be the Certificate Private Key file (.key)
- SSLCertificateChainFile - should be the CA Bundle (Intermediate Certificates) file (.crt)
Ensure the Virtual host is enabled in apache.
Linux example command for ‘mysite.conf’ :
sudo a2ensite mysite.conf
Reload the Apache service once you’re done.
sudo systemctl reload apache2
Now you can confirm your domain SSL certificate using any of the SSL checker tools available. Or you can just browse the URL.