RHEL8: Confgiure SSL certificate for apache

Upload certificate file to server. If it is a pfx file you need to split it up.

Extract private key

openssl pkcs12 -in Certifikatfil.pfx  -nocerts -out localhost.key

Extract certificate

openssl pkcs12 -in Certifikatfil.pfx  -nokeys -out localhost.crt

Move certificate files

sudo mv localhost.key /etc/pki/tls/private/localhost.key
sudo mv localhost.crt /etc/pki/tls/certs/localhost.crt

Create an passphrase file

sudo vi /opt/script/passphrase-file.conf

#!/bin/sh
echo "password that was enter for keyfile"

Change permissions on file, only root has execute permission

sudo chmod 500 /opt/script/passphrase-file.conf

Add follwing row in httpd.conf

sudo vi /etc/httpd/conf/httpd.conf

SSLPassPhraseDialog exec:/opt/script/passphrase-file.conf

Add following rows on virtualHost for site

sudo vi /etc/httpd/sites-available/domain.se.conf

   SSLEngine on
   SSLCertificateFile /etc/pki/tls/certs/localhost.crt
   SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

Leave a Reply Cancel reply