How to Install a Wildcard SSL Certificate on Apache

Rate this article: 1 Star2 Stars3 Stars4 Stars5 Stars (25 votes, average: 3.36)
Loading...

Your 4-step guide for installing an Apache wildcard SSL certificate

Look, you and I both know all you’re looking for is an explanation of how to install a wildcard SSL certificate on an Apache server. But first, a little primer on what Apache SSL is and how wildcard SSL certificates are used on them.

Apache SSL: The Basics

Simply put: Apache is a web server, and wildcard SSL certificates secure a domain and all its first-level sub-domains. (Sometimes, it’s helpful to spell subdomains two different ways, so let’s include both versions for the heck of it). You can get a wildcard SSL certificate for your Apache server from a certificate authority like Comodo. It’s a flexible, affordable option for websites with infrastructures that include sub-domains. (Cue the obligatory wildcard SSL certificate ad.)

SSL Certificates with Comodo Secure Logo

Save Up 71% On Comodo PositiveSSL Wildcard Certificates

Want to save money on wildcard SSL certificates for your Apache server? We sell all Comodo PositiveSSL wildcard certificates at up to 71% off!

Compare SSL Certificates

Now, for what you came here for: Let’s talk about how to install wildcard SSL on Apache.

Install a Wildcard SSL Certificate on an Apache Server

Before we go any further, we assume you’ve already purchased a wildcard SSL certificate and have received both the certificate and any intermediates. You also need to have the private key saved on your Apache server. Ideally, you generated the certificate signing request (CSR) on the Apache server — but, frankly, that’s none of my business.

Now, on to the main event:

  1. Open the Apache configuration file in a text editor.

You can usually find the config file in: /etc/httpd — though, if you needed me to tell you that, maybe you should hold off on installing your wildcard SSL certificate until you run this by someone who’s a bit more familiar with the process.

  1. You’re looking for the <VirtualHost> where you’ll need to change the port from 80 to 443. To do that, use this code:
<VirtualHost 192.168.0.1:443>
 DocumentRoot /var/www/website
 ServerName www.domain.com
 SSLEngine on
 SSLCertificateFile /etc/ssl/crt/primary.crt
 SSLCertificateKeyFile /etc/ssl/crt/private.key
 SSLCertificateChainFile /etc/ssl/crt/intermediate.crt
 </VirtualHost> 

Again, this shouldn’t need to be pointed out, but you’re going to need to change this code up to reflect your site’s information — including the files and paths that correspond to your SSL certificate as well as the intermediate (which will go in the ChainFile field).

  1. Save the changes and closer your text editor.
  1. Restart your Apache server using either of the following commands:
/usr/local/apache/bin/apachectl startssl
 /usr/local/apache/bin/apachectl restart

A lot of people think there needs to be some type of special configuration that needs to be done for wildcards, but that’s not the case. The way the server reads the certificate will tell iy the certificate is valid for sub-domains associated with that host name.

I could have probably told you that at the beginning of the article, but that would mess with our site’s bounce rate. Hey, man, blame Google.