How to install OpenSSL on CentOS using a self-signed certificate
Since visitors and search engines put increased trust into sites that are secured with SSL, certificate usage is on the rise. While you would often use a trusted certificate from a well-known CA, sometimes it makes sense to use a self-signed cert. This is especially true when setting up a test or development environment. It takes a few minutes, but it's pretty straightforward and gives you the nice little lock in the browser bar when it's working. I set mine up on my VPS and it worked without issue.
DIFFICULTY | Basic - 1 | Medium - 2 | Advanced - 3 |
TIME REQUIRED | 30 min |
RELATED PRODUCTS | CentOS-based VPS or dedicated servers |
Recipe
Install the necessary libraries
Create a directory to store the keys
Create a self-signed certificate
You'll be asked to fill out a few fields. The most important line is "Common Name." Enter your official domain name here or, if you don't have one yet, enter your site's IP address.
Edit the config file
Scroll down until you find the VirtualHost _default_:443
section.
Uncomment the DocumentRoot and ServerName lines.
Change example.com in the ServerName line to either your domain name or server's IP address. Important: This needs to match the common name on the certificate.
Scroll down and ensure that SSL is configured with the following lines.
SSLCertificateFile /etc/httpd/pki/apache.crt
SSLCertificateKeyFile /etc/httpd/pki/apache.key
Save and exit.
Restart Apache
That's it!
Test the configuration
Browse to https://your domain name
You should see your site over an SSL connection.
Note: Your browser will likely ask you to trust the self-signed certificate before allowing access to the site. This is an artifact of using a self-signed certificate. For using a certificate that is globally-trusted, here is a link on how to get a trusted SSL certificate.
Note: As a courtesy, we provide information about how to use certain third-party products, but we do not endorse or directly support third-party products and we are not responsible for the functions or reliability of such products. Third-party marks and logos are registered trademarks of their respective owners. All rights reserved.