Install a GoDaddy SSL certificate

Generate certificate for GoDaddy:

openssl genrsa -des3 -out www.sample.com.key 2048
openssl req -new -key www.sample.com.key -out www.sample.com.csr

Give to GoDaddy the contain of www.sample.com.csr

Then you’ll receive a mail on the administrative contact of the domain mail address.
After that you’ll receive from GoDaddy a zip file containing the cert, in our example sample.com.crt.

If you set up a pass when you’ve created the cert file and you want to get rid of it here is how you can remove the pass:

Always backup the original key first (just in case)!

 # cp www.sample.key www.sample.key.orig

Then unencrypt the key with openssl. You’ll need the passphrase for the decryption process:

 # openssl rsa -in www.sample.key -out new.sample.key

Now copy the new.key to the www.key file and you’re done. Next time you restart the web server, it should not prompt you for the passphrase.

mv www.sample.com.key.nopass www.sample.com.key

Then place the key and crt file into /etc/pki/tls/cets

mv sample.com.crt /etc/pki/tls/certs/
mv www.sample.com.key /etc/pki/tls/certs/

Make sure that nobody other then root can access those files:

chmod 0600 /etc/pki/tls/certs/sample.com.crt
chmod 0600 /etc/pki/tls/certs/www.sample.com.key

Configuring apache:

Install mod_ssl for apache:

yum install mod_ssl

Edit /etc/httpd/conf.d/ssl.conf according to this:

#SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateFile /etc/pki/tls/certs/sample.com.crt
#SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCertificateKeyFile /etc/pki/tls/certs/www.sample.com.key
Add document root wich should contain the dir where your webfiles are stored:

DocumentRoot /virtual/web/sites/shared/www.sample.com/html

Add Directory wich should contain path to your web files:
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all

Then restart the apache:

/etc/init.d/httpd restart or service httpd restart

Next you need to force http request to https. In order to do that create a .htaccess file inside your web dir containing:

RewriteEngine on
RewriteCond %{SERVER_PORT} =80
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI}

Bookmark the permalink.

Comments are closed.