I will be covering SSL for website in a very simple and in step by step tutorial. In this, I am assuming that your website is working on http, as this for CentOS 7 so webserver is apache.

login to your server either via direct console or putty

[root@localhost /]# openssl req -new -newkey rsa:2048 -nodes -keyout tutorial.key -out tutorial-blog.csr
This will create two files your private key (do not share with anyone) and CSR request file (this file will be required to get certificate)

After this it will be asking for different details which are shown in below snapshots
Just fill these details as per your website/ domain

This above command will be creating these two files in your working directory
1- tutorial-blog.csr
2- tutorial.key (do not share this with anyone)
[root@localhost /]# ls -l | grep “tutorial”

Check your apache configuration file for SSL and it has the exact path where we have to put *.key file (tutorial.key in our case)

[root@localhost /]# mv tutorial.key /etc/pki/tls/private/tutorial.key

This will move the tutorial.key file to appropriate place from where apache can get SSL key file configuration.
Now we have placed SSL key to appropriate directory next we have to copy the tutorial-blog.csr all content. just open it using following command
[root@localhost /]# cat tutorial-blog.csr

—–BEGIN CERTIFICATE REQUEST—–
MIIC4zCCAcsCAQAwgZ0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlh
MREwDwYDVQQHDAhUZW1lY3VsYTEWMBQGA1UECgwNVHV0b3JpYWwgQmxvZzELMAkG
A1UECwwCSVQxGjAYBgNVBAMMEXR1dG9yaWFsLWJsb2cuY29tMSUwIwYJKoZIhvcN
AQkBFhZpbmZvQHR1dG9yaWFsLWJsb2cuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwMxMBkJd/kiacPzV2U4V/s2qgpATPlG35DwsclW9KXh69Skl
WcCio4dxvrL/VKvVvG60+793+uhpoILWJhrHjhUEbKO/W3eCQ9XBbpJfhk0KrpfR
YZzOpjuKaWyajU7wVF0R5GiHsjPmNq6pCC/jetdRClyPWGVy+xCh9sqPA0GZVQXB
OZYh0t34ZdaG41CzgShSz7zC/2mqv4Bg7Gu5h82k/2o5aKqyNnMEAsLzNtDmf47S
aXMXkpgzDb9NWkz9gWqIoF/B2Ux3fKXXcFZdGmEiNz4nmL9SHzHa5PS1MUh6ZXXq
cfZhF04OGKMpZqqDO3+MAFUXFPbR3Y//wFLsjQIDAQABoAAwDQYJKoZIhvcNAQEL
BQADggEBAE4w0NUGwb/0QI4X3YfAsDi8Pb9zeY5DnR5LghIiXSP+wG+G/jRRtmsP
/d8TPiisJK5AENEKXqfEZubvfNmVcsoDz2UGkVNSVK3dFmNh1MuT2Wb6P3iG2+xh
yvPTkfR+ycbZStTV2OI9dWsLt+OhhDbm3iurryFxXNT+2NkQnzPAoz2BJuqOt7rd
hZIt3/SKpvb3u4musaFMI8Yg5f+U26RS6CL5gkAoyMSJs0v9k5E06BblqzwX3tjD
44KaG+tmz8LYMPBhtaotKXGthpnLAiYG0kn5yIJiaICO948rHpJl0x6L4oIndzpr
Z2esp/6axNFXzxLY0/scgsaybYd45zQ=
—–END CERTIFICATE REQUEST—–

We have multiple option to purchase certificate, I have purchased it from namescheap (the names cheap SSL purchase is beyond the scope of this tutorial but in short 1st you have to pay and then they will allow you to paste your *.CSR file content)

once you copied your content it should show your domain in the field named as above: “Primary domain”
As it shows correct name in our case we will be click on next

This is the certificate we have purchased it for 1 year, next we have to upload this certificate to our server, you can check your server configuration that where you have to place this server.
In our example path is: /etc/pki/tls/certs/
you can check your apache httpd configuration to find this path

[root@localhost /]# vi /etc/httpd/site-available/tubossl.conf
similarly check your httpd (apache) configuration.
now copy the certificate file tutorial-blog_com to appropriate directory as per you apache configuration.

[root@localhost /]# mv tutorial-blog_com /etc/pki/tls/certs/tutorial-blog_com

after this restart your apache
[root@localhost /]# systemctl restart httpd.service

now browse your website with https and it should be secure

This all about this tutorial, if you have further questions please write in comment section below

Categories: Tutorial

1 Comment

Frank shaun · May 24, 2020 at 10:02 am

I am beginner and this is really useful

Leave a Reply

Your email address will not be published. Required fields are marked *