NEW, BETTER, AUTOMATED!
USE LETS ENCRYPT: https://letsencrypt.org/
I created a free SSL cert at – https://www.startssl.com/ Couple of caveats, it is only good for a single domain, one year, and not the newest and greatest encryption standards.
- Copy the Certificate files to your server.
- Run cmd “sudo a2enmod ssl”
- Find the Apache config file to edit. (/etc/apache2/sites-enabled/your_site_name)
- Edit the correct <VirtualHost>
- Configure the <VirtualHost> block for the SSL-enabled site.Below is a very simple example of a virtual host configured for SSL. The parts listed in bold are the parts that must be configured for the SSL configuration and they may be spread out throughout the file:
<VirtualHost 192.168.0.1:443> DocumentRoot /var/www/ SSLEngine on SSLCertificateFile /path/to/domain.crt SSLCertificateKeyFile /path/to/private.key SSLCertificateChainFile /path/to/intermdiate.crt </VirtualHost>
Adjust the file names to match your certificate files:
- SSLCertificateFile should be your certificate file (eg. domain.crt).
- SSLCertificateKeyFile should be the key file generated when you created the CSR.
- SSLCertificateChainFile should be the intermediate certificate file (intermdiate.crt)
If the SSLCertificateChainFile directive does not work, try using the SSLCACertificateFile directive instead.
- Test your Apache config before restarting by running “apachectl configtest”
- Restart Apache “apachectl restart”
That’s it! You should have a site that is now SSL encrypted.