Prerequisites

Before beginning the installation, ensure you have:

  • SSH access with root or sudo privileges
  • Apache (httpd) installed and running
  • Your SSL certificate files (Certificate, Private Key, and CA Bundle)
  • The mod_ssl module enabled on your server
💡
Need a certificate? We offer affordable SSL certificates starting at just $13.99/yr with instant issuance for DV certificates.

Step 1 — Upload Certificate Files

Upload your certificate files to a secure directory on your server. On Ubuntu/Debian, this is often /etc/ssl/certs/, and on CentOS/RHEL, /etc/pki/tls/certs/.

# Create a dedicated directory
sudo mkdir -p /etc/apache2/ssl/yourdomain.com/

# Upload your files to this directory:
# yourdomain.crt (Certificate)
# yourdomain.key (Private Key)
# ca-bundle.crt (Intermediate CA Bundle)

# Set secure permissions for the private key
sudo chmod 600 /etc/apache2/ssl/yourdomain.com/yourdomain.key

Step 2 — Configure Apache VirtualHost

Locate your website's configuration file. It is typically found in /etc/apache2/sites-available/ or /etc/httpd/conf.d/.

Edit the file to include the SSL configuration:

<VirtualHost *:443>
    ServerName yourdomain.com
    ServerAlias www.yourdomain.com
    DocumentRoot /var/www/yourdomain.com

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/yourdomain.com/yourdomain.crt
    SSLCertificateKeyFile /etc/apache2/ssl/yourdomain.com/yourdomain.key
    SSLCertificateChainFile /etc/apache2/ssl/yourdomain.com/ca-bundle.crt

    # Recommended Security Settings
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    SSLCipherSuite HIGH:!aNULL:!MD5
    SSLHonorCipherOrder on

    <Directory /var/www/yourdomain.com>
        AllowOverride All
    </Directory>
</VirtualHost>

Step 3 — Test and Restart Apache

Always test your configuration for syntax errors before restarting the service.

  1. Check configuration syntax
    sudo apachectl configtest

    Ensure it returns Syntax OK.

  2. Restart Apache
    sudo systemctl restart apache2 # Ubuntu/Debian
sudo systemctl restart httpd   # CentOS/RHEL

Step 4 — Redirect HTTP to HTTPS

To ensure all visitors use the secure version of your site, add a redirect in your port 80 VirtualHost:

<VirtualHost *:80>
    ServerName yourdomain.com
    ServerAlias www.yourdomain.com
    Redirect permanent / https://yourdomain.com/
</VirtualHost>

Step 5 — Verify Installation

Visit https://yourdomain.com in your browser and check for the padlock icon. You can also use our SSL Checker tool for a deep scan of your configuration.