Download and unzip your certificate files
In this Tutorial, let us review how to generate private key file (server.key), certificate signing request file (server.csr) and webserver certificate file (server.crt) that can be used on Apache server with modssl. Perhaps the private key is still somewhere in your system - it should be a.key file. Which command did you use to make the CSR? Note that if you don't have the private key anymore then this certificate is useless and you'll need to request a new one. Edit: possible duplicate of Apache - Generate private key from an existing.crt file.
Follow these instructions to generate a certificate signing request (CSR) for your Apache Web server. When you have completed generating your CSR, cut/copy and paste it into the CSR field on the SSL certificate-request page. Oct 17, 2017 This will provide us with our domain certificate file namely puebe.com.crt with a compatible format which supports in Linux. Extracting the Key file from the pfx file We can use this command to extract the key details for the domain puebe.com from the pfx file.
Download and unzip your SSL certificate files by clicking on the download link in your fulfillment email or from your GeoCerts SSL Manager account. There will be two .crt files.
Jul 08, 2009 You can also generate self signed SSL certificate for testing purpose. In this article, let us review how to generate private key file (server.key), certificate signing request file (server.csr) and webserver certificate file (server.crt) that can be used on Apache server with modssl. Key, CSR and CRT File Naming Convention.
your_domain_com.crt
CA_Bundle.crt
Copy these files, along with the private key file you created when generating the CSR, to the Apache server directory in which you plan to store your certificates. The location depends on your Linux distro.
SSL directory on Ubuntu/Debian/Gentoo
The correct directory place to store your_domain_com.crt and CA_Bundle.crt is
Save your private keys to
/etc/ssl/certs
Save your private keys to
/etc/ssl/private
SSL directory on CentOS
The correct directory place to store your_domain_com.crt and CA_Bundle.crt is
Save your private keys to
/etc/pki/tls/certs
Save your private keys to
/etc/pki/tls/private
Note: for added security make these files readable by root only.
Locate your Apache VHost configuration file
The location of your Apache config files will vary depending on your Linux distribution's default layout. For Ubuntu with Apache2 the main VHost config file is typically located in
/etc/apache2/sites-enabled/your_site_name
. Having trouble locating your server's VHost config file? Try one of these commands to point you in the right direction.
Edit your Apache <VirtualHost>
config file
Open the Apache config file for editing. Locate the
<VirtualHost>
container. Below is ano-frills example of a virtual host with three directives in bold that must be configured for SSL.Adjust file names to match names of your cert files.
Generate Crt And Key From Apache Linux Free
- SSLCertificateFile is your SSL domain server certificate file:
your_domain_com.crt
- SSLCertificateKeyFile is the private key you created when you generated the CSR:
private.key
- SSLCertificateChainFile is the CA intermediate(s) bundle file:
CA_Bundle.crt
Note: Some versions of Apache will not accept theSSLCACertificateFiledirective. Try usingSSLCertificateChainFileinstead.
Test your Apache SSL configuration
After making changes to your Apache config file it is good practice to check for syntax errors before restarting. Apache will not start if there are config syntax errors. The command will returnSyntax OKif there are no errors.
Restart Apache
You can use
apachectl
commands to restart Apache with SSL support.Verify Installation
- To verify if your certificate is installed correctly, use our Certificate Installation Checker.
- Test your SSL certificate by using a browser to connect to your server. Use the https protocol directive. For example, if your SSL was issued to secure.mysite.com, enter https://secure.mysite.com into your browser.
- Your browser's padlock icon will be displayed in the locked position if your certificate is installed correctly and the server is properly configured for SSL.
Additional Resources
- Official Apache HTTP Server Project
- Troubleshooting Apache SSL Certificate Errors
Please contact our support team if you have any additional problems or questions.
This guide will show you how to convert a .crt certificate file and associated private key, and convert it to a .pfx file using OpenSSL. This can be useful if you need to take a certificate file, and load it onto a Windows server for example.
A PFX file is a way of storing private keys, and certificates in a single encrypted file. It is commonly used to import and export certificates and keys on a Windows PC.
In the example below, the following files will be used:
domain.name.crt – this is the public certificate file.
domain.name.key – This is the private encryption key for the above certificate.
domain.name.pfx – This will be the PFX file outputted from OpenSSL.
Converting the crt certificate and private key to a PFX file
A PFX file is a way of storing private keys, and certificates in a single encrypted file. It is commonly used to import and export certificates and keys on a Windows PC.
In the example below, the following files will be used:
domain.name.crt – this is the public certificate file.
domain.name.key – This is the private encryption key for the above certificate.
domain.name.pfx – This will be the PFX file outputted from OpenSSL.
Converting the crt certificate and private key to a PFX file
This will create a pfx output file called “domain.name.pfx”.
You will be asked for the pass-phrase for the private key if needed, and also to set a pass-phrase for the newly created .pfx file too.
You can now load this .pfx file onto a Windows machine, or wherever needed.
You will be asked for the pass-phrase for the private key if needed, and also to set a pass-phrase for the newly created .pfx file too.
You can now load this .pfx file onto a Windows machine, or wherever needed.