How to Install or update SSL certificate on apache server site

If you want to provide your site with an SSL certificate, once you purchase it on (ie:GoDaddy), you will have to perform the following steps:

  • Create the CSR certificate (Certificate signing request) on your hosting server.
    • You can use this command to do so:

      Bear in mind, that if your domain is, you should use mysite.key and mysite.csr.

      You’ll be asked the questions like the Country, State, City, Company Name, Domain name and all. Just fill up the details and your CSR will be ready as mysite.csr in the directory as well as the Private key as mysite.key. Then, you should move this file to <yoursite_directory_certificates>/<your_site>.key. The most important thing to take care of is the Distinguish name(DM) or common name, where you will need to put your whole domain like ‘’.

  • Proceed and create the SSL  (inside ie:godaddy) from the CSR option (you can proceed with just the domain, but i suggest to create it from the CSR to avoid further issues, like assigning the CSR in the future to keep it synced with your hosting server).
  • Download the certification zip file cointaining two files like those ones ( gd_bundle-g2-g1.crt / xxxxxxxxxxxxxx.crt (includes other letters in place of x )
  • Create a new conf file in your apache server sites-enabled folder, for the ssl configuration called like <yoursite>-ssl.conf and it should be filled in like below:

    On the below example, you have to focus basically on those 3 files

    where provided gd_bundle-g2-g1.crt is going to be SSLCertificateChainFile and xxxxxxxxxxxxxx.crt is going to be SSLCertificateFile.


    SSLCertificateKeyFile is going to be created with your csr file, explained on the first step.

  • To make changes live, remember to reboot your apache server, refresh your site, and check the SSL certificate expiracy date.


In case your certificate has expired, and you just need to upgrade it, you won’t need to re-generate SSLCertificateKeyFile. You will just need to upgrade SSLCertificateChainFile and SSLCertificateFile with the provided new files from GoDaddy.