The Apache HTTP server can load external modules (dynamic shared objects or DSOs) to extend its functionality. The module argument is the name of the DSO, and filename is the path name of the module relative to ServerRoot. In this article, we will show you how to set up multiple SSL Certificates on a CentOS with Apache using a single IP address only. In general, a website administrator is restricted to use a single SSL Certificate per socket with an IP which will cost a lot of investment to the company. Apache's main configuration file is typically named httpd.conf or apache2.conf. Possible locations for this file include /etc/httpd/ or /etc/apache2/. For a comprehensive listing of default installation layouts for Apache HTTPD on various operating systems and distributions, see Httpd Wiki - DistrosDefaultLayout. New in httpd 2.4: If, ElseIf, and Else. Over the coming weeks, I'm going to be writing several articles about new features in Apache httpd 2.4. To me the most compelling reason to upgrade to Apache 2.4 today is the directive, so that's where I'll start.
Apache Httpd Add Https
Learn how to install an SSL certificate on the Apache webserver running on the Linux machine. Steps include installation, configuration, and verification.
Before we start will SSL certificate steps lets run through below pre-requisite:
- You have an Apache webserver running on your Linux machine.
- You have generated a CSR file and submitted it to the certificate vendor. Read here: steps to generate CSR.
- You have received an SSL certificate file from the vendor.
SSL certificate you received from the certificate vendor should be a filename.crt
file. This file can be opened with a text editor and looks like below :
Installation :
Using FTP, sftp, etc, copy SSL certificate, intermediate certificate file (if any), and private key file (generated during CSR file generation step above) on Linux machine running Apache webserver. It is advisable to copy these files within the Apache installation directory and furthermore in separate directories if you want to maintain old files archives. For example, if the Apache installation directory is /etc/httpd
then you can create a directory/etc/httpd/ssl_certs
and keep new/old certificates in it. Same for keys you can create /etc/httpd/ssl_keys
and keep new/old key files in it.
Normally certificate and key files should be readable to the owner and group to which Apache users belong.
Configuration :
Login to your Linux machine and navigate to your Apache installation directory where the configuration file resides. Most of the time it’s installed in/etc/httpd/
directory. If you are not where your Apache in installed, identify appropriate Apache instance in ps -ef
output (in case multiple Apache instances running on the same machine). To check the Apache configuration file location use below command :
See the last line of above output which will show configuration file (i.e. httpd.conf
) location. This is a relative path. The complete absolute path of the config file can be obtained by observing HTTPD_ROOT
value in the above output. So complete path for config file will be HTTPD_ROOT/SERVER_CONFIG_FILE
i.e. /etc/httpd/conf/httpd.conf
in this case.
Once you are able to trace the configuration file, you need to edit this file with a text editor like vi and mention the SSL certificate path. You need to define below three paths. If parameters are already in the file then just edit their paths.
These paths are the ones where you copied SSL cert, intermediate cert, and private key in the above step. Save and verify changes.
Final step :
You are done with configuration now but Apache instance doesn’t know these changes. You need to restart the Apache instance to take these new changes in action. You can restart Apache with below command :
What Is Apache Httpd
Verify if Apache is up and running using ps -ef
command. If you don’t see Apache instance running then check error.log for troubleshooting. This log file is located under the Apache installation directory under the logs directory. The path can be identified from DEFAULT ERROR_LOG
value in the abovehttpd -V
output.
Apache Http Https
Verification :
Once Apache is up and running with this new configuration, verify if you installed your certificate correctly or not by visiting this online, free tool by Symantec.
Apache Httpd Https Gmail
Apache Httpd 2.4
Also, you can visit your website/link which is being served by Apache in a fresh browser session and check certificate details by clicking the lock icon in the browser bar. Then clicking details on coming dropdown.
You will be presented with below screen, Click on view certificate to view certificate details.
This will show you below certificate details which include purpose, issue date, expiry date, organization, issuer, etc.