After generating the certificates, copy the files to the necessary directory.

[root@server ~]# cp ca.crt /etc/pki/tls/certs
[root@server ~]# cp ca.key /etc/pki/tls/private
[root@server ~]# cp ca.csr /etc/pki/tls/private

Now edit the secure web server configuration file and add the below lines into it.

[root@server ~]# vim /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key

Verify the Apache configuration file.

[root@server ~]# httpd -t
Syntax OK

Now open the apache web server configuration file using your favourite editor.

[root@server ~]# vim /etc/httpd/conf/httpd.conf

Append the following lines into it.

<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
servername www.linuxhelp1.com
Documentroot /var/www/html
</VirtualHost>

And then Verify the Apache configuration file.

[root@server ~]# httpd -t
Syntax OK

Add the service and the port number to the firewall

[root@server ~]# firewall-cmd --permanent --add-service=https
success

 

[root@server ~]# firewall-cmd --permanent --add-port=443/tcp
success

 

[root@server ~]# firewall-cmd --reload
Success

Restart and enable the service for the web server

[root@server ~]# systemctl restart httpd.service
[root@server ~]# systemctl enable httpd.service


Note - It is good pratice to redirect all non-http traffic after installing SSL. According to the Apache docs you should avoid using mod_rewrite for simple redirections, and use Redirect instead. So according to them, you should preferably do:


<VirtualHost *:80>
    ServerName www.example.com
    Redirect / https://www.example.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName www.example.com
    # ... SSL configuration goes here
</VirtualHost>


Thank you and happy hosting.