Installing an SSL cert in apache (ubuntu)

[shogun]

Hey

Question time again.

I'm trying to install a cert in apache (ubuntu server). This is the process i've followed so far:

1. Generate csr file
2. Purchase cert, using csr to generate cert files.
3. Downloaded cert file
4. Copied key file (generated on server) as well as cert file (from cert provider), as well as a file called "Apache_Plesk_Install.txt" (cert was purchased from network solutions) into the /etc/ssl folder
5. Changed /etc/apache2/apache2.conf file by adding the following:

<VirtualHost *:443>

DocumentRoot "/var/www"
SSLEngine on
SSLCertificateFile /etc/ssl/WWW.MYDOMAINNAME.COM.crt
SSLCertificateKeyFile /etc/ssl/www_mydomainname_com.key
SSLCertificateChainFile /etc/ssl/Apache_Plesk_Install.txt

</VirtualHost>

6. Restarted apache using stop then start

7. Cannot acces site using https://
8. Can still access via http://

Am I even following the correct process here? Total Linux / Apache noob, so help would be appreciated.

 

[w1z4rd]

You dont have a firewall up blocking that port?
Do you have mod_ssl enabled?

In /etc/apache2/ports.conf do you have "Listen 443"

 

[w1z4rd]

Aaah wait, is that a plesk server? plesk does funny things with config files.

 

[shogun]

The ports.conf says this:

NameVirtualHost *:80
Listen 80

<IfModule mod_ssl.c>
# SSL name based virtual hosts are not yet supported, therefore no
# NameVirtualHost statement here
Listen 443
</IfModule>


I tried adding "Listen 443" below Listen 80... with no luck. I still get no connection.

I don't know what a plesk server is (windows boytjie here). This is an ubuntu server with Hetzner germany. I didn't set the server up, but i'm trying to help someone set up a cert that they purchased from Network Solutions. The network solutions help documentation mentions the Apache_Plesk_Install.txt file. The alternative is three separate ".crt" files in a zip folder that I could use. No idea where those should go though if not using the Apache_Plesk_Install.txt file.

 

[shogun]

Ok, i've had enough playing around, and just want to get the cert installed.

If anyone interested has experience in this department, and wouldn't mind quoting on taking a few minutes to sort this out, i'd be appreciative and put you in touch with the person i'm helping. The cert is generated, but I don't know my way around a linux box over putty well enough to sort this out.

If anyone can spare a few minutes, you can PM me. Thanks much.

 

[shogun]

Right... so after said person calling 4 different companies in cape town to try help, not one of which was both keen and able to, I decided to give it another go last night.

I managed to get it right after a bit more playing around. There were a few things I hadn't considered / didn't know about apache, but there was a pretty good tutorial that I followed line by line to get it right. If anyone else here is having issues, check out the following link:

http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html

I ignored the self sign part as I already had a cert generated. The big snag for me was knowing where the files were located that I needed to edit, which this tutorial covers nicely.

If you have a cert from Network Solutions, then inside the "default-ssl" config file (generated after the "a2enmod ssl" command, I think), you would need three files as listed in their site in their help documentation:

SSLCertificateFile /etc/apache2/ssl/server.crt // This is the cert Network Solutions generated, which I renamed (they call is "WWW.YOURDOMAINNAMEHERE.COM.crt" the YOURDOMAINNAMEHERE part is obviously specific to your cert.
SSLCertificateKeyFile /etc/apache2/ssl/server.key // This is the key generated on your server before you get your cert from Network Solutions, which I also renamed
SSLCertificateChainFile /etc/apache2/ssl/Apache_Plesk_Install.txt // This is a file you can download from Network Solutions after you have bought the cert. It's available as a single file download.

Hope this helps someone else out there.