Renew SSL Certificates in apache on Centos 7 web server ?

In this tutorial we are going on renew our ssl certificate in apache web server. SSL certificate Authority is Godaddy. Once you are finished, all traffic between server and client will be encrypted and safe.
Setup 1
Create ssl certificate directory location
mkdir -p /etc/httpd/ssl/2018/    (-p Tag use for create all perent directory fourcefully )
Setup 2
under /etc/httpd/ssl/2018/ directory create key file
openssl genrsa -out 2048
Setup 3
Genrate CSR file with the help of key file
openssl req -new -key -out
Setup 4
Genrate self assine certificate
openssl x509 -req -days 365 -in -signkey -out
Setup 5
Login your godaddy account and go to ssl Certificate session and go to manage key. click on Rekey and manage.
Under Re-Key certificate session paste csr file content and click Change the site that your certificate protects update your site name like > click on save button > Submit All and saved changes
After some hour godaddy varify your domain and then click on certificate session >  download > select server type > apache > download zip file > extract it and upload server directory /etc/httpd/ssl/2018/
sample ssl file configuration >
cat /etc/httpd/conf.d/ssl.conf
Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
DocumentRoot “/var/www/”
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCertificateFile /etc/httpd/ssl/2018/f898c11d5bdsf13c.crt
SSLCertificateKeyFile /etc/httpd/ssl/2018/
SSLCertificateChainFile /etc/httpd/ssl/2018/gd_bundle-s2-g1.crt
SSLOptions +StdEnvVars
<Directory “/var/www/cgi-bin”>
SSLOptions +StdEnvVars
BrowserMatch “MSIE [2-5]” \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”
Update ssl.conf file and restart httpd service.
service httpd restart/reload;


Leave a Reply

Your email address will not be published.