Skip to main content

In-Common SSL Cert Installation on Apache 2.2

firstThe createsteps towards obtaining a free cert for ucla based webservers:

  1. Generate a CSR with a 2048-bit minimum key for each common name for which you require a cert
  2. Be sure that the common name(s) contain a fully qualified domain name
  3. Forward both the CSR and the common name information directly to incommon@noc.ucla.edu

Create the CSR and the KEY files by running the following:
openssl req -new -newkey rsa:2048 -nodes -keyout server.SERVER.key -out server.SERVER.csr
where serverSERVER is the name of your server

submit the .CSR file to the request from the UCLA NOC

onceOnce receiving the email from NOC opeopen the link that says “X509 Certificate only, Base64 encoded”, rename it to .CRT

now in the conf file add the following:

SSLEngine on
SSLCertificateFile /etc/apache2/certs/server_ucla_edu.crt
SSLCertificateKeyFile /etc/apache2/certs/server_ucla_edu.key

those settings are the basic and may require more directives options.

Back to top