1. Copy the .pfx file to the destination server.
2. Run the following OpenSSL command to create a text file with the contents of the .pfx file:
openssl pkcs12 -in [sslCertName.pfx] -nocerts -out [outputFileName.pem] -nodes
sslCertName.pfx == Input file name
outputFileName.pem == Output file name
3. While you issue this command, you will be asked for Import Password. Enter the password you had set while exporting the certificate.
4. On success, you will get the message MAC verified OK.
5. Now, we need to extract the private key and certificate file from the .pem file. Open outputFileName.pem file in any text editor and copy each key; make a separate text file for each certificate, including the -----BEGIN RSA PRIVATE KEY ----- and ----- END RSA PRIVATE KEY ----- lines.
6. Move to the Apache server configuration file (httpd.conf). The actual directory of this configuration file may be different. Usually, you can locate this file under the /etc/httpd/ directory. You can also use the following command to find httpd.conf file.
find / -name 'httpd.conf'
7. Once you locate httpd.conf file, open it in the editor, and find the <VirtualHost> tag in the file.
8. If you want your website to be accessible through both protocols (https and http), copy the existing <VirtualHost> tag and change the port from port 80 to 443 as follows. Following is a basic example of a virtual host configuration for SSL. The parts listed in bold are the parts that must be added for SSL configuration.
9. Save the changes and exit the editor.
10. It is always a good practice to check your Apache config files for any errors when you modify them. Since we have changed the settings of the Apache Config file, we will test for the errors. Issue the following command to check errors.
11. If the Apache configuration file has no errors, you will get a Syntax OK message. If you get errors like -bash: apachectl: command not found, you need to find the apachectl file first. To find this file, run the following command.
find / -name 'apachectl'
12. As an output of this command, you will get a full path of the apachectl file. Copy this file path, place the configtest after the path, and run this command as follows. Once you receive the Syntax OK message, restart the Apache web server.
13. Restart the Apache web server using the following commands.
14. SSL Certificate is now successfully imported into the Apache server. To test this, browse your website with the https protocol. You will see the padlock icon before the URL in the browser address bar. This shows that your certificate is installed and configured properly.
- These steps are performed on CentOS 5.6. For other Linux-based distributions, it may vary.
- These steps can only be performed if you have root access to your Linux VPS/Dedicated Server.