Set up TLS/SSL (https) for your website

A step-by-step guide to setting up https on your website by installing and configuring an SSL certificate.

Shameel Ahmed

Last Update hace 13 días

After you register a domain name and set up your DNS zones to point to your web server instance, you will notice that your site works when invoked with http but fails to load when invoked with https. This is because https requires an SSL certificate to be installed and configured on the web server. The complete url of the site must match one of the url(s) on the certificate.

SSL Certificate

SSL Certificates are files installed on the web server that identify the owner of the website. They also enable secure communication between the web server and the client browser by encrypting the data that is sent back and forth between them.

Generate a Test Certificate

For testing and/or temporary purposes, you can generate a local certificate that would work with your domain. With a test certificate, the browsers in the end user machines would flag a Certificate error alert since there is not CA associated with the certificate that the browser can trust. However, data encryption between the client and the server works without any issues.

Install the openssl package in the Linux instance by using the command:

To generate the Test certificate, run the following command:

Note that using a locally generated certificate is not advised to be used in a live environment.

Acquire a real SSL Certificate

SSL Certificates are generated by Certification Authorities (CA) like IdenTrust, DigiCert, etc. To generate a certificate, visit one of their websites and issue a certificate request. Once you have received the certificate, proceed with the next steps.

Install and configure the SSL Certificate

Login to the instance where the certificate needs to be installed

Start the Web server

The first step is to start the web server:

Open Firewall

Verify that ports 80 and 443 are open by running this command:

Updated Web Server Configuration File

Edit /etc/httpd/conf/httpd.conf and add the following line to the bottom of the file:

Save and close the file. Check the syntax by running the command:

Update SSL Configuration File

Edit the /etc/httpd/conf.d/ssl.conf file and locate and change the path of the certificate files to the actual file path.

Add the following lines at the bottom of the file.

Save and close the file. Check the syntax by running the command:

Restart Web Server

As a final step, run this command to restart the web server:

Verify that Secure connection is working

Open your browser and navigate to https://ideadc-sample.com. 

If you used a locally generated certificate, your browser will show an alert like this:

Click the Advanced... button

Click Accept the Risk and Continue

Your browser should display the website without any warning messages.

Was this article helpful?

0 out of 0 liked this article

Still need help? Message Us