Rate this article: (25 votes, average: 3.36)
Loading...
Look, you and I both know all you’re looking for is an explanation of how to install a wildcard SSL certificate on an Apache server. But first, a little primer on what Apache SSL is and how wildcard SSL certificates are used on them.
Simply put: Apache is a web server, and wildcard SSL certificates secure a domain and all its first-level sub-domains. (Sometimes, it’s helpful to spell subdomains two different ways, so let’s include both versions for the heck of it). You can get a wildcard SSL certificate for your Apache server from a certificate authority like Comodo. It’s a flexible, affordable option for websites with infrastructures that include sub-domains. (Cue the obligatory wildcard SSL certificate ad.)
Want to save money on wildcard SSL certificates for your Apache server? We sell all Comodo PositiveSSL wildcard certificates at up to 71% off!
Compare SSL CertificatesNow, for what you came here for: Let’s talk about how to install wildcard SSL on Apache.
Before we go any further, we assume you’ve already purchased a wildcard SSL certificate and have received both the certificate and any intermediates. You also need to have the private key saved on your Apache server. Ideally, you generated the certificate signing request (CSR) on the Apache server — but, frankly, that’s none of my business.
Now, on to the main event:
You can usually find the config file in: /etc/httpd — though, if you needed me to tell you that, maybe you should hold off on installing your wildcard SSL certificate until you run this by someone who’s a bit more familiar with the process.
<VirtualHost 192.168.0.1:443>
DocumentRoot /var/www/website
ServerName www.domain.com
SSLEngine on
SSLCertificateFile /etc/ssl/crt/primary.crt
SSLCertificateKeyFile /etc/ssl/crt/private.key
SSLCertificateChainFile /etc/ssl/crt/intermediate.crt
</VirtualHost>
Again, this shouldn’t need to be pointed out, but you’re going to need to change this code up to reflect your site’s information — including the files and paths that correspond to your SSL certificate as well as the intermediate (which will go in the ChainFile field).
/usr/local/apache/bin/apachectl startssl
/usr/local/apache/bin/apachectl restart
A lot of people think there needs to be some type of special configuration that needs to be done for wildcards, but that’s not the case. The way the server reads the certificate will tell iy the certificate is valid for sub-domains associated with that host name.
I could have probably told you that at the beginning of the article, but that would mess with our site’s bounce rate. Hey, man, blame Google.