How to Install and Configure SSL Certificate on Apache Server in CentOS 8
In this tutorial, we will install an SSL certificate on the Apache web server for CentOS 8. This will ensure that website traffic is encrypted and HTTPS is used. First, you need a web server. How to install Apache on CentOS 8 was discussed earlier. An SSL certificate is required too. We recently looked at how to set up Apache virtual hosts on CentOS 8. It may be useful to learn it before proceeding to installing an SSL certificate.
In the Serverspace you can create a server with already installed app "Apache".
Checking mod_ssl
First, you need to make sure that mod_ssl is installed in the system. To check this, run:
rpm -qa | grep mod_ssl
If you see no output, install mod_ssl:
dnf install mod_ssl
Place the SSL certificate on the server
You need to create a full certificate chain by combining your public SSL certificate and the certificate authority chain:
cat pub-key.pem ca-chain.pem > full-chain.pem
Move the full chain to the /etc/pki/tls/certs/ directory. Then move the private key to the /etc/pki/tls/private/ directory and restrict its access:
mv full-chain.pem /etc/pki/tls/certs/
mv privkey.pem /etc/pki/tls/private/
chmod 600 /etc/pki/tls/private/privkey.pem
Apache configuration
Create a configuration file for your domain in the /etc/httpd/conf.d/ directory. Use the .conf extension. Replace domain-name.com with your actual domain name:
nano /etc/httpd/conf.d/domain-name.com.conf
Add the following content to enable HTTPS for your site:
SSLEngine on
Path to the full SSL certificate
SSLCertificateFile /etc/pki/tls/certs/full-chain.pem
Path to the private key
SSLCertificateKeyFile /etc/pki/tls/private/privkey.pem
Site content directory
AllowOverride All
DocumentRoot /var/www/domain-name.com
ServerName domain-name.com
ServerAlias www.domain-name.com
Create the /var/www/domain-name.com directory and add your website files if you haven't done so yet:
mkdir -p /var/www/domain-name.com
Redirect from HTTP to HTTPS
To redirect all HTTP requests to HTTPS, add the following block to the same domain-name.com.conf file:
ServerName domain-name.com
ServerAlias www.domain-name.com
Redirect "/" "https://domain-name.com/"
Before restarting Apache, check the configuration for errors:
apachectl configtest
If the output is Syntax OK, restart Apache to apply the changes:
systemctl restart httpd


