Announcement

Collapse
No announcement yet.

How to install SSL Certificates on Apache for CentOS or Fedora Servers

Collapse
X
Collapse
  •  

  • How to install SSL Certificates on Apache for CentOS or Fedora Servers

    Today SSL Certificates are very important for any website to look secure and safe browsing website. Not only users will like but even Google is considering SSL based websites for ranking, We personally use SSL certificates from ssls.com and ssl2buy.com , There are various providers offering 90 days free SSL certificates which you can use it for testing purpose, some are even offering free certificates for 1 year but do not trust those as they may not be compatible with browsers. So let's see How to accomplish the task to create SSL Certificates on Apache for CentOS or Fedora Servers.

    Before doing that have you ever thought of installing an SSL certificate, also referred as digital certificates on your CentOS or Fedora Server? If the answer is no, then why to take a chance in today’s era where stealing information is so much at ease with thousands and thousands of available software. Whether large or small, the business websites are targeted by hackers without many efforts. A higher page rank is granted even by Google to those whose browsing sites are encrypted with https:// prefix. Small data files which digitally bind a cryptographic key to an organisation’s details are termed as SSL certificates.

    To commence the process of actual installation of digital certificates on CentOS or even Fedora server making use of Apache httpd one needs to first acquire the digital certification. First, let’s just brush up our knowledge with a backdrop on the certificates and the steps involved in the instalment process.

    free ssl
    Different categories of SSL digital certificates

    The quantities of organisations starting to use SSL certificates has increased to a very great extent over the last few years. Various organisations are also expected to install the SSL certificated onto its web server to construct secure sessions with browsers. An encrypted channel is created between the client and the server via SSL Certificates. There is a wider expansion in the applications of SSL certificates, as a resultant 3 types of SSL Certificates are now available:

    Extended Validation (EV) SSL Certificate:

    A trusted third party called a Certificate Authority (CA) authenticates the justified rights of the applicant by thoroughly supervising and scrutinizing the usage of the specific domain name.EV guidelines are defined to give a prior knowledge of the process of issuance of EV SSL Certificates. Below are the specified steps required for a CA before a certificate can be issued:
    • The physical, operational and legal existence of the particular entity should be verified.
    • Verification should be done as in regards to the matching of the entity and its specification in the official records.
    • Verification is done to cross-check the rights of the entity to use the specified domain mentioned in the EV SSL Certificates.
    • Proper authorisation and issuance of EV SSL Certificates by the entity is verified thoroughly
    Organisation Validation or the short form OV- SSL Certificates:

    Domain ownership is validated through this kind of certificate, inhibiting the information of ownership in regards to the site owner’s name, city, state and country.

    Domain Validation or the short form- DV SSL Certificates:

    The certification to validate the registration of the domain name with admin rights to the website. A secure browser connection is validated to be established if the certificate is signed by a trusted CA.

    Wildcard SSL Certificates: To secure unlimited sub-domains wildcard SSL is the best option to use.

    free ssl certificate
    How to fix the web with an SSL certificate

    To begin with, the foremost demand is to buy or acquire the SSL Certificate.
    After placing the order for a CA approved SSL Certificate, the delivery time varies for DV SSL Certificate and EV SSL Certificate, from that of hours to weeks. The green signal to download the certificate is given by the CA.A 7 step process is followed for the same:
    1. A login is required to be done into Account Manager
    2. Click the cursor on the term SSL Certificates
    3. One is demanded to choose the required certificate and further click manage
    4. Click the term, view status in the actions column
    5. Take the cursor to download and click
    6. Type of server required can be selected now to download the zip file
    7. The downloaded file can be stored safely for future purpose.
    Finally to establish the instalment process of an SSL Certificate for the Apache server on the CentOS and Fedora follow the steps and you will be directed towards the installation:
    1. Using SSH, a login is made to the server, make sure you have root access to the server.
    2. OpenSSL client software should be installed.
    Code:
     yum install mod_ssl OpenSSL
    If OpenSSL is already installed, It will indicate the software is already installed.

    3.The requirement of a directory is generated to store the server encryption key and its certificate.

    Code:
    mkdir /etc/httpd/ssl
    4. The server encrypted key and the SSL Certificate file can now be copied to a new directory.

    5. The ssl.conf or httpd.conf file can now be edited as per below example: Here we are working with ssl.conf.

    Code:
     vi /etc/httpd/conf.d/ssl.conf
    Locate the correct virtual host and it edits the path to correct SSL certificate location.

    Code:
    DocumentRoot /var/www/html
    
    ServerName www.yourdomainname.com
    
    SSLEngine on
    
    SSLCertificateFile /path/to/your_certificate.crt
    
    SSLCertificateKeyfile /path/to/your_private.key
    
    SSLCertificateChainFile /path/to/your_cabundle.crt
    6. Check that the configured files are free from any errors

    Code:
    apachectl configtest
    7. Be Ready to restart safe and secure web server

    Code:
     /etc/init.d/httpd restart or service apache restart
    The SSL configured site should now be available at https://www.your-domain.com Feel free to contact us if you have any queries.
      Posting comments is disabled.

    Categories

    Collapse

    Latest Articles

    Collapse

    • Recognizing as a Top Devops Company
      by Administrator
      Being recognized as a top DevOps company involves a combination of technical expertise, customer satisfaction, and innovation. Here are some key factors that contribute to becoming a leading DevOps company:

      1. Technical Expertise:

      - Skilled Team: A company with highly skilled DevOps engineers proficient in various tools like Jenkins, Docker, Kubernetes, Terraform, and AWS.
      - Continuous Integration/Continuous Deployment (CI/CD):Mastery in implementing robust CI/CD...
      08-14-2024, 11:53 AM
    • Collaboration, Innovation, and Continuous Improvement with DevOps as a Service
      by Administrator
      The rise of DevOps as a Service (DaaS) is not just a technological evolution but a cultural revolution. As organizations across industries adopt DaaS, they experience a profound shift in
      their operational and cultural landscapes. This transformation fosters collaboration, sparks innovation, and cultivates a culture of continuous improvement.

      Collaboration:

      In traditional IT environments, development and operations teams often work in divisions,leading to communication...
      07-08-2024, 01:05 PM
    • What is Containerization? A Deep Dive into Containerization
      by Lalit_Waghulkar
      Hey there tech enthusiasts!

      Today, we're diving into the tech wonderland of containerization – a game-changer in the world of software development. So, buckle up your coding belts as we explore the ins and outs of this revolutionary technology and how it's turning the tables for developers everywhere.

      Containerization: What's the Buzz About?
      Alright, let's start with the basics. Containerization is like a digital lunchbox for your apps, keeping everything they need...
      01-10-2024, 03:08 PM
    • Enable native brute-force protection
      by Akash Gorane
      Error on Imunify 360 dashboard: Enable native brute-force protection module for Dovecot to protect against IMAP/POP3 services attacks.
      Screenshot: https://prnt.sc/ExqjW1hdfOrR

      Solution: Dovecot native brute force protection module improves stability and resolves issues that standard PAM caused in some cases The following commands can be used to control the Dovecot native module.

      Enable:
      :
      imunify360-agent config update '{"PAM": {"enable":
      ...
      02-03-2023, 06:12 PM
    • Enable native brute-force protection.
      by Akash Gorane
      Error on Imunify 360 dashboard: Enable native brute-force protection module for Dovecot to protect against IMAP/POP3 services attacks.
      Screenshot: https://prnt.sc/ExqjW1hdfOrR

      Solution: Dovecot native brute force protection module improves stability and resolves issues that standard PAM caused in some cases The following commands can be used to control the Dovecot native module.
      Enable:

      :
      imunify360-agent config update '{"PAM": {"enable":
      ...
      02-03-2023, 06:09 PM
    • Top Command
      by Akash Gorane
      'top' command is used to display dynamic real-time information about running processes in the system.

      - PID: Shows task’s unique process id.
      - PR: Stands for priority of the task.
      - SHR: Represents the amount of shared memory used by a task.
      - VIRT: Total virtual memory used by the task.
      - USER: User name of owner of task.
      - %CPU: Represents the CPU usage.
      - TIME+: CPU Time, the same as ‘TIME’, but reflecting more granularity through
      ...
      01-12-2023, 05:12 PM
    Working...
    X