I will be covering SSL for website in a very simple and in step by step tutorial. In this, I am assuming that your website is working on http, as this for CentOS 7 so webserver is apache.
login to your server either via direct console or putty
[root@localhost /]# openssl req -new -newkey rsa:2048 -nodes -keyout tutorial.key -out tutorial-blog.csr
This will create two files your private key (do not share with anyone) and CSR request file (this file will be required to get certificate)
This above command will be creating these two files in your working directory
2- tutorial.key (do not share this with anyone)
[root@localhost /]# ls -l | grep “tutorial”
Check your apache configuration file for SSL and it has the exact path where we have to put *.key file (tutorial.key in our case)
[root@localhost /]# mv tutorial.key /etc/pki/tls/private/tutorial.key
This will move the tutorial.key file to appropriate place from where apache can get SSL key file configuration.
Now we have placed SSL key to appropriate directory next we have to copy the tutorial-blog.csr all content. just open it using following command
[root@localhost /]# cat tutorial-blog.csr
—–BEGIN CERTIFICATE REQUEST—–
—–END CERTIFICATE REQUEST—–
We have multiple option to purchase certificate, I have purchased it from namescheap (the names cheap SSL purchase is beyond the scope of this tutorial but in short 1st you have to pay and then they will allow you to paste your *.CSR file content)
This is the certificate we have purchased it for 1 year, next we have to upload this certificate to our server, you can check your server configuration that where you have to place this server.
In our example path is: /etc/pki/tls/certs/
you can check your apache httpd configuration to find this path
[root@localhost /]# vi /etc/httpd/site-available/tubossl.conf
similarly check your httpd (apache) configuration.
now copy the certificate file tutorial-blog_com to appropriate directory as per you apache configuration.
[root@localhost /]# mv tutorial-blog_com /etc/pki/tls/certs/tutorial-blog_com
after this restart your apache
[root@localhost /]# systemctl restart httpd.service
now browse your website with https and it should be secure
This all about this tutorial, if you have further questions please write in comment section below