🤩 New Cool Developer Tools for you. Explore →
FREE JavaScript Video Series Start Learning →
FLAT 75% OFF All Interactive courses at flat ₹250 / $3.25 only. HURRRRRY!! Explore now
  Signup/Sign In
Tests
MCQs to test your knowledge.
Forum
Engage with the community.
Compilers
Compilers to execute code in browser.
Index
PUBLISHED ON: MARCH 2, 2023

Setup SSL with Apache

SSL (Secure Sockets Layer) is a security protocol that ensures the privacy and integrity of data exchanged between a client (such as a web browser) and a server (such as an Apache server). When you add SSL to your Apache server, all communication between the client and the server will be encrypted, making it much harder for hackers to intercept and steal sensitive information.

In this article, we will walk you through the steps to add SSL to an Apache server. We'll cover how to install and configure the necessary components, as well as how to enable SSL on your server.

Step 1 Install Apache mod_ssl module

The first step in adding SSL to your Apache server is to install mod_ssl, which is a module that provides SSL support for Apache.

To install mod_ssl on a Debian-based system (such as Ubuntu), use the following command:

$ sudo apt-get install libapache2-mod-ssl

For Red Hat-based systems (such as CentOS), use the following command:

$ sudo yum install mod_ssl

Step 2: Get an SSL certificate

After installing mod_ssl, you will need to obtain an SSL certificate. There are several ways to do this, but the most common is to purchase one from a reputable Certificate Authority (CA). CAs issue SSL certificates after verifying the identity of the website owner, which ensures that the certificate is legitimate.

There are many CAs to choose from, each offering different types of SSL certificates. Some of the more popular options include:

  1. Domain Validated (DV) Certificates: These are the simplest type of SSL certificate and are usually issued within minutes. They are generally used for small websites or blogs that don't handle sensitive information.
  2. Organization Validated (OV) Certificates: These certificates require deeper verification of the website owner's identity and are typically used for larger businesses or websites that handle sensitive information.
  3. Extended Validation (EV) Certificates: These are the most secure type of SSL certificate and require the most thorough verification of the website owner's identity. They are usually used by large well-known companies.

Once you've chosen a CA and purchased an SSL certificate, you'll need to install it on your Apache server.

Step 3: Install the SSL certificate

To install the SSL certificate on your Apache server, you will need to create a new configuration file in the Apache configuration directory (usually /etc/apache2/sites-available on Debian-based systems or /etc/httpd/conf.d on RedHat-based systems).

The configuration file must contain the following information:

  1. The path to the certificate and private key files.
  2. The SSL certificate chain file (if applicable)
  3. The SSL protocol to use (usually TLSv1.2 or TLSv1.3)
  4. Any other SSL-related policies, such as cipher suites and client authentication settings

For example, a basic SSL configuration file might look like this:

<VirtualHost *:443>
    ServerName domain.com
    DocumentRoot /var/www/domain.com

    SSLEngine on
    SSLCertificateFile /path_to/certificate.crt
    SSLCertificateKeyFile /path_to/private.key
    SSLCACertificateFile /path_to/chain.crt
    SSLProtocol TLSv1.2
    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256

</VirtualHost>

Be sure to replace the paths and values ??in this example with your own certificate and key files, as well as any other desired SSL directives.

Step 4: Enable SSL on Apache server

After installing the SSL certificate and creating the configuration file, you will need to enable SSL on your Apache server.

To do this, you will need to run the following command:

$ sudo a2ensite ssl

This will enable the SSL configuration file created in the previous step.

Step 5: Restart Apache

Finally, you will need to restart the Apache service for the changes to take effect. To do this, use the following command:

$ sudo systemctl restart apache2

It is important to update your SSL certificate regularly and keep your Apache server up to date to ensure the security and privacy of your website and its users. Also remember to redirect HTTP traffic to HTTPS by adding the following directive to your Apache configuration file:

Permanent redirect / https://example.com/

This will ensure that all traffic to your website is encrypted and secure.

Conclusion

By following these steps, you should now have SSL enabled on your Apache server. You can verify this by visiting your website using the HTTPS protocol, which should now show a secure connection.

Want to learn coding?
Try our new interactive courses.
View All →
Over 20,000+ students enrolled.
About the author:
sam5epi0l
Pradeep has expertise in Linux, Go, Nginx, Apache, CyberSecurity, AppSec and various other technical areas. He has contributed to numerous publications and websites, providing his readers with insightful and informative content.
Learn to Code
Learn and practice coding side-by-side.
NEW
C language Course
115+ coding exercises
Javascript Course
85+ coding exercises
More →