Blog

How to Install SSL on Apache on Subdomain

For one of my sites I needed to install a SSL certificate. Here is the procedure you have to follow to have the certificate installed without issues.

First generate a Certificate Sign Request (CSR) on the server, where the SSL will be installed. Go to the folder, where you would like the key to reside, and issue the following command

openssl req -new -newkey rsa:2048 -nodes -keyout sub.lesichkov.co.uk.key -out sub.lesichkov.co.uk.csr

Once you have the CSR file (.csr) ready send it to your SSL provider to issue the certificate. The issuer will request to verify you are the owner of the domain, either by uploading a file to your root directory (make sure it accessible, as the issuer should be able to view), or by sending you a verification email belongng to the domain.

With the SSL ready, copy the SSL certificate to you /etc/ssl directory.

I separate my webstes each in a separate Apache config files to keep these clean and tidy. So open your website config file and add the SSL configuration. When you finish your config file should look like this:



        ServerName sub.domain.com
        ServerAdmin info@domain.com
        DocumentRoot /www/sub.domain.com/public

        ErrorLog  /www/sub.domain.com/error.com.log
        CustomLog /www/sub.domain.com/access.com.log combined

        
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Require all granted
        


        
                ServerName sub.domain.com:443
                ServerAdmin info@domain.com
                DocumentRoot /www/sub.domain.com/public

                ErrorLog  /www/sub.domain.com/error-ssl.com.log
                CustomLog /www/sub.domain.com/access-ssl.com.log combined
                SSLEngine on
                SSLCertificateFile    /etc/ssl/sub_domain_com.crt
                SSLCertificateKeyFile /etc/ssl/sub.domain.com.key

       
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Require all granted
        

        

 

Restart your server