Last updated on by Dionisie Gitlan
In this guide, you will learnhow to install an SSL Certificate on CentOS. If you don’t know where to buy an SSL Certificate for CentOS, please read until the end to discover the best SSL shop, and search tools for the optimal certificate.
Table of contents
- Generate a CSR code
- How to Install an SSL Certificate on CentOS 8
- Where to Buy an SSL Certificate for CentOS?
We also recorded a video that walks you through the entire process of installing an SSL certificate on CentOS:
If you prefer the text version of the tutorial, keep reading below:
Generate a CSR code
When applying for an SSL Certificate, you need to generate a CSR (Certificate Signing Request) and send it to the Certificate Authority. The CSR is a block of text that includes up to date information about your website or organization, as well as the public key.
You have two options:
- Generate the CSR automatically usingour CSR Generator.
- Follow our step-by-step tutorial onhow to create a CSR on CentOS.
How to Install an SSL Certificate on CentOS 8
Step 1: Ensure thatmod_sslis installed on your system
You can check this via the following command:
rpm -qa | grep mod_ssl
If it’s not, install it with
dnf install mod_ssl
Step 2: Create the chain of your SSL certificate
It must include the private key, as well as the root, intermediate and server certificates.
cat pub-key.pem ca-chain.pem > full-chain.pem
Place the PEM file with the SSL chain in the following directory on your Apache server:/etc/pki/tls/certs
Place the private key in the/etc/pki/tls/private/folder.
Secure your private key by making it inaccessible to other users:
chmod -R 600 /etc/pki/tls/private/
Step 3: Configure the Virtual Host block
In the configuration file for your domain (with.confextension), insert the following block of code:
SSLEngine on
# The path to the complete chain of your SSL certificate
SSLCertificateFile /etc/pki/tls/certs/full-chain.pem
# The path to the private key
SSLCertificateKeyFile /etc/pki/tls/private/privkey.pem
# The path to the content of your website.
AllowOverride All
# The path to the content of your website
DocumentRoot /var/www/yourdomain.com
# Domain name of your website
ServerName yourdomain.com
ServerAlias yourdomain.com
Replaceyourdomain.comwith your actual domain name.
If you don’t have a configuration file, create it via
nano /etc/httpd/conf.d/yourdomain.conf
and place it in the/etc/httpd/conf.d/directory.
Add HTTPS redirects to your .conf file:
ServerName yourdomain.com
ServerAlias www.yourdomain.com
Redirect "/" "https://yourdomain.com/"
Step 4: Save the changes and close the file
Step 5: Restart Apache:
systemctl restart httpd
How to Install an SSL Certificate in CentOS 7 & 6
Step 1: Download the certificates
Download the primary and intermediate certificates that you’ve obtained from your SSL provider
Step 2: Copy your SSL files to your Apache server
Make sure the.keyfile that you created along the CSR generation is also present on your server
Step 3: Locate and edit thehttpd.conforssl.conffile in the Apache configuration
Uses thecpandnanocommands:
# cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.BAK
# nano /etc/httpd/conf.d/ssl.conf
If one or more files are commented out, remove the#character from the starting line, and enter the absolute path according to your Apache version.
For Apache versions older than the 2.4.8 release have the following directives and path:
- SSLCertificateFile – The path of your certificate file
- SSLCertificateKeyFile – The path of your key file
- SSLCertificateChainFile – The intermediate bundle path.
For Apache version 2.4.8 and higher have the following directives and path:
- SSLCertificateFile–The path of your certificate file
- SSLCertificateKeyFile–The path of your key file
- SSLCertificatePath–The intermediate bundle path.
Here’s an example of your certificates’ absolute file path. You can copy-paste the code below, but make sure to specify the correct names of your files.
SSLCertificateFile /etc/httpd/conf/ssl.crt/your_leaf_certificate.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/your_domain_name.key
SSLCACertificatePath /etc/httpd/conf/ssl.chain/your_intermediate_chain.crt
Note: Remember to change the permission of the certificate key file:
# chmod 400 /etc/httpd/conf/ssl.key/your_domain_name.com.key
Step 4: Restart the Apache
Save your configuration and restart Apache to complete the SSL installation.
Where to Buy an SSL Certificate for CentOS?
The best place to buy an SSL Certificate for your CentOS server is from a reputable SSL reseller such as SSL Dragon. Our prices are the lowest on the market, but there are even more benefits. We offer regular discounts and great deals on all our SSL products, and above all, stellar customer support. All our certificates are compatible with CentOS.
SSL Dragon takes care of your sensitive data security, so your website or business can thrive online!
Get an SSL certificate now
Frequently Asked Questions
How do I know if an SSL certificate is installed on CentOS?
To check the SSL certificate on CentOS, use the following OpenSSL command:
openssl x509 -text -in certificate.crt -noout
Copy Link
Where are SSL certificates stored in CentOS?
By default, the SSL certificates on CentOS are stored in the/etc/pki/tls/certs/directory. The private keys reside in/etc/pki/tls/private/directory.
Copy Link
How do I download OpenSSL on CentOS?
Open SSL comes pre-installed in all Linux distributions, including CentOS. Learn more aboutOpenSSL and its command lines.
Copy Link
Save 10% on SSL Certificates when ordering today!
Fast issuance, strong encryption, 99.99% browser trust, dedicated support, and 25-day money-back guarantee. Coupon code: SAVE10
Save 10% Now!
Written by Dionisie Gitlan
Experienced content writer specializing in SSL Certificates. Transforming intricate cybersecurity topics into clear, engaging content. Contribute to improving digital security through impactful narratives.