Your step-by-step directions for how to install a wildcard SSL certificate on Apache
Most of you reading this article probably know that Apache is a widely used web server distributed under the open-source license that is maintained by the Apache Software Foundation. It’s used to host one or more HTTP-based websites and has built-in support for shared/virtual hosting. To make your websites accessible over a secure connection (i.e. HTTPS), you will need to install an SSL/TLS certificate on your web server. A wildcard SSL certificate secures your domain along with all its accompanying first-level subdomains. This is why we think it’s important to cover how to install a wildcard SSL certificate on your Apache web server.
Secure Unlimited Subdomains with One Wildcard SSL Certificate – Save 50%
Save 50% on Sectigo Wildcard SSL Certificates. It includes unlimited server licenses, reissuances, 256-bit encryption, and more.
If you’ve already purchased a wildcard SSL certificate, you can skip ahead to the installation instructions. If not, you can get a wildcard certificate at an affordable price from SectigoStore.com.
Now that we know what these terms mean, let’s discuss how to install wildcard SSL in Apache! Note that regardless of the type of SSL/TLS certificate you are trying to configure on your Apache server, the installation steps remain unchanged.
Install a Wildcard SSL Certificate in Apache Web Server: a Step-by-Step Guide
After generating the certificate signing request (CSR) for your wildcard SSL and placing your order, you can follow the steps below to install the certificate on your Apache server. (Or, if you don’t want to manually install the certificate yourself, you can pay a minimal amount to have our installation service take care of it for you.)
Ideally, the CSR should be generated from the server. If not, ensure that the private key is saved on the Apache server.
How to Install Wildcard SSL in Apache
- Begin by downloading all the certificates — your primary server certificate as well as the intermediate certificates that are provided by your CA — and save them in the folder that contains your private key.
- Navigate to the /etc/httpd directory, which usually contains the config file titled httpd.conf, and open it with the text editor. Near the bottom of the file, you’ll usually find the <VirtualHost> block. You might also find it in a file named ssl.conf or under directories such as /etc/httpd/vhosts.d/ or /etc/httpd/sites/.
- If your site needs to be available over both non-secure (HTTP) and secure (HTTPS) connections, you will need a virtual host for each. Make a copy of the original non-secure virtual host and change the port number from 80 to 443.
- In the <VirtualHost> block for the SSL enabled site, change the settings to point to the correct paths for the certificate files and website. The certificate files are usually found within the /etc/ssl/crt/ directory. Alter the settings and adjust the names based upon your sites’ information.
Here’s a bit of context about what each of these components entails:
- SSLCertificateFile is the primary certificate file for your server.
- SSLCertificateKeyFile is the private key generated when you created the CSR.
- SSLCertificateChainFile is the intermediate certificate file (if any) provided by your certificate authority. If there are multiple Intermediates, you may be required to concatenate the files. If this file does not work, try using SSLCACertificateFile.
- Ensure that there are no syntactical errors, save the changes, and close your editor.
- Execute the following command to check your Apache server for configuration errors:
- Using one of the following options Restart your Apache web server:
Top Apache Wildcard SSL Certificate
|Features||PositiveSSL Wildcard (DV)||Sectigo SSL Wildcard Certificate (DV)||Sectigo OV Wildcard SSL|
|Domains Secured||Secure Unlimited Subdomains||Secure Unlimited Subdomains||Secure Unlimited Subdomains|
|Validation Level||Domain Validation||Domain Validation||Organization Validation|
|SSL Encryption||up to 256-bit||up to 256-bit||up to 256-bit|
|Key Length||2048 bits||2048 bits||2048 bits|
|SSL Site Seal||Included||Included||Included|
|Refund Policy||30 Days||30 Days||30 Days|
|OS Support [Desktop]||Yes||Yes||Yes|
|OS Support [Mobile]||Yes||Yes||Yes|
|Buy Now||View Product||View Product||View Product|