Step-by-step instructions on how to move an SSL Certificate between Apache Servers
If you’re looking for a guide on how to move an SSL Certificate from one Apache Server to another, then you’ve come to the right place. Below are all the instructions you’ll need to switch your SSL implementation between your Apache servers.
But before we get started, we’re going to assume you already have your SSL Certificate installed successfully on at least one Apache web server. Now, let’s begin:
Step 1: Locating your SSL Certificate and Private Key file on Apache Server #1:
- Using the httpd.conf or ssl.conf files on your first Apache system, look for the location and directories of the three files listed below:
- SSLCertificateFile /usr/local/ssl/crt/public.crt
SSLCertificateFile tells Apache how to find the the SSL certificate file.
- SSLCertificateKeyFile /usr/local/ssl/private/private.key
SSLCertificateKeyFile tells Apache how to find the private key file.
- SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt
SSLCertificateChainFile or SSLCACertificateFile tells Apache the location of the Intermediate file.
- Copy all three of these files and back them up on a USB drive or an alternate drive directory that is accessible by the second Apache system, the one that you are moving to.
Step 2: Installing on the Apache Server #2
- Using the httpd.conf or ssl.conf file on the second Apache system, find the location and directories of the three aforementioned files.
- SSLCertificateFile /usr/local/ssl/crt/public.crt
SSLCertificateFile tells Apache how to find the the SSL certificate file.
- SSLCertificateKeyFile /usr/local/ssl/private/private.key
SSLCertificateKeyFile tells Apache how to find the private key file.
- SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt
SSLCertificateChainFile or SSLCACertificateFile tells Apache the location of the Intermediate file.
- Move the certificate files to the selected location and rename your httpd.conf file to reflect the new file names.
- If you’re using a different location and certificate file names than the example above, then you need to change the path/filename to reflect your new Apache server.
Note: Some versions of Apache use both httpd.conf and ssl.conf file names. Please change the httpd.conf or the ssl.conf with the above directives. Do not use both, because this can create a conflict and Apache may not start.
- Save the httpd.conf file, then restart Apache.
Congratulations! You just moved your SSL certificate from one Apache server to another Apache server.
Related