⭐️Tutorial: Installing SSL Certificates on Linux Server
Hi everyone! This tutorial is for those individuals or small businesses who want to secure data transmission between client and their web server. In other words, SSL provides a proof to customers that your website is not harmful and all sensitive data such credit cards infomation will be protected during data transmistion, which is also known as HTTPS. However, you can skip this tutorial if you have used some big web hosting company such as Godaddy to do all the work for you. If you have a dedicated server or a cloud-based server such as AWS EC2, let’s begin building up SSL on your server.
Simply speaking, I assume you have these background:
Linux basics + Apache (Web Server) basics. !That’s all!
Step 1. Go to godaddy.com and purchase the SSL certificates.
Step 2. Login your Account and you should see your ssl certificates. Then click Mange.
Step 3. You need to generate CSR (Certificate Signing Request) by typing the commands below in the terminal, then you should fill in some necessary info. such as country code, email address, etc. More info please refer to this link.
$cd /etc/apache2/; mkdir godaddy$cd godaddy$openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
Step 4. If everything went good by now, you expect to see the output file yourdomain.key in /etc/apache2/godaddy/. You need to open this file and copy the entire content and paste to CSR in your godday portal. Click Next.
Step 5. Verify my certificate request, this is nothing but to prove that you are the owner of the website. Godaddy gives you options to verify. The one I used is HTML page verification because I have a dedicated server and not email associated with domain name. By now, you should have received a email that contains special code, so you can add this to the specific directory. Create a directory named “/.well-known/pki-validation/”
$mkdir /var/www/html/.well-known/pki-validation/$sudo vim godaddy.html
Copy the special code first, then open vim editor and paste it into the godaddy.html. Vim Editor Trick: Press i then p. Pressing i allows you to enter insert mode, p will paste the code. Then press ESC key to esacpe to normal mode, Last step is HOLD shift and press z twice. Then your file should be saved. Now please go to the link http://yourdomain.com/.well-known/pki-validation/godaddy.html. You should see the code in the browser.
Step 6. Congratulations! You should receive a confirmation email saying that you have successfully verified ownership of the domain. Log back into godday console.
Step 7. Choose Apache server and Download SSL certificate files. Unzip this file, you should have two .crt files inside.
Step 8. FTP these two files to /etc/apache2/godaddy. I used FileZilla. Make sure you have write permission to the file of godaddy. Expected three files including two .crt and one .key file inside of godaddy. Result as following.
Step 9. Modify ssl configuration file.
$cd /etc/apache2/sites-available/$vim default-ssl.conf # Edit the following linesSSLCertificateFile /etc/apache2/godaddy/xxxxxxxxxxxxx.crtSSLCertificateKeyFile /etc/apache2/godaddy/yourdomain.keySSLCertificateChainFile /etc/apache2/godaddy/xxxxx_xxxx-g2-g1.crt
Step 10. Restart Apache Web Server and you have finished!
$sudo service apache2 restartCongraulations! You have successfully installed SSL certificates in web server. Your clients will be able to visit your website securely and have no security warning prompts from google chrome!
Note: if you fail to restart Apache server, you could open apache error.log file to see what is happening.
$less /var/log/apache2/error.logHope you enjoy my first tech contribution! 💙
Also enjoy this cat by Erik-Jan Leusink.
Reference:
https://www.godaddy.com/help/ssl-certificates-1000006
