After generating the certificates, copy the files to the necessary directory.
[root@server ~]# cp ca.crt /etc/pki/tls/certs [root@server ~]# cp ca.key /etc/pki/tls/private [root@server ~]# cp ca.csr /etc/pki/tls/private
Now edit the secure web server configuration file and add the below lines into it.
[root@server ~]# vim /etc/httpd/conf.d/ssl.conf SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key
Verify the Apache configuration file.
[root@server ~]# httpd -t Syntax OK
Now open the apache web server configuration file using your favourite editor.
[root@server ~]# vim /etc/httpd/conf/httpd.conf
Append the following lines into it.
<VirtualHost *:443> SSLEngine on SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key servername www.linuxhelp1.com Documentroot /var/www/html </VirtualHost>
And then Verify the Apache configuration file.
[root@server ~]# httpd -t Syntax OK
Add the service and the port number to the firewall
[root@server ~]# firewall-cmd --permanent --add-service=https success
[root@server ~]# firewall-cmd --permanent --add-port=443/tcp success
[root@server ~]# firewall-cmd --reload Success
Restart and enable the service for the web server
[root@server ~]# systemctl restart httpd.service [root@server ~]# systemctl enable httpd.service
Note - It is good pratice to redirect all non-http traffic after installing SSL. According to the Apache docs you should avoid using mod_rewrite for simple redirections, and use Redirect instead. So according to them, you should preferably do:
<VirtualHost *:80>
ServerName www.example.com
Redirect / https://www.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.com
# ... SSL configuration goes here
</VirtualHost>Thank you and happy hosting.