How to configure SSL on Apache

1.  Import your SSL to the server through FTP and unzip them in a particular directory, If you don’t have SSL you can generate Let’s Encrypt free SSL by following the below steps.

install the git package:
sudo apt-get install git  
    sudo yum install git

Clone a Let’s Encrypt repository from Github Official Repository

sudo git clone /opt/letsencrypt
Navigate to the clone directory
  sudo cd /opt/letsencrypt 

Run Let’s Encrypt with the –standalone parameter. For each additional domain name requiring a certificate, add -d to the end of the command. Kindly change the domain name.

sudo -H ./letsencrypt-auto certonly --standalone -d -d

When prompted Agree to the Terms by pressing “A” and Type “N” for the second step.

After this SSL will generate if all goes well you will get the below output 


 – Congratulations! Your certificate and chain have been saved at:


   Your key file has been saved at:


   Your cert will expire on 2020-11-08. To obtain a new or tweaked

   version of this certificate in the future, simply run

   letsencrypt-auto again. To non-interactively renew *all* of your

   certificates, run “letsencrypt-auto renew”

 – If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let’s Encrypt:

   Donating to EFF:          

2. Enable mod_ssl for Apache
 sudo a2enmod rewrite && sudo service apache2 restart  
 sudo yum install mod_ssl -y && sudo systemctl restart httpd
3. Create VirtualHost Configuration for HTTPS, Kindly change the domain name.
<virtualhost *:443>
Documentroot /var/www/
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/
SSLCertificateChainFile /etc/letsencrypt/live/
<Directory "/var/www/">
AllowOverride All
Allow from all
4. Then First, run the following command to check your Apache configuration file for errors
sudo apachectl configtest && sudo service apache2 restart  
sudo httpd -t && sudo service apache2 restart  
5. Confirm that the above commands returns a Syntax OK response. If it does not, review your configuration files.
6. After confirming a Syntax OK response, restart the apache by below commands
service apache2 restart
service httpd restart  
7. Verify your SSL installation through SSL Checker Website
8. Automatically Renew SSL Certificates (Optional)

You can add cron job to keep the ssl/letsencrypt-auto clinet up to date, follow below steps.

sudo crontab -e
0 0 1 * * /opt/letsencrypt/letsencrypt-auto renew
0 0 1 * * cd /opt/letsencrypt && git pull
Please Drop Comment if you face any issue at any point, I will try to reply asap.
100% LikesVS
0% Dislikes


  • Vikas Kumar

    Awesome, Keep Learning & Sharing

  • Nitin

    very helpful 🙂

Comments are closed.