If you want to provide your site with an SSL certificate, once you purchase it on (ie:GoDaddy), you will have to perform the following steps:

• Create the CSR certificate (Certificate signing request) on your hosting server.
  • You can use this command to do so:
    
    1	openssl req -new -newkey rsa:2048 -nodes -keyout <yourdomain>.key -out <yourdomain>.csr

    
    Bear in mind, that if your domain is mysite.com, you should use mysite.key and mysite.csr.

    You’ll be asked the questions like the Country, State, City, Company Name, Domain name and all. Just fill up the details and your CSR will be ready as mysite.csr in the directory as well as the Private key as mysite.key. Then, you should move this file to <yoursite_directory_certificates>/<your_site>.key. The most important thing to take care of is the Distinguish name(DM) or common name, where you will need to put your whole domain like ‘mysite.com’.

• Proceed and create the SSL  (inside ie:godaddy) from the CSR option (you can proceed with just the domain, but i suggest to create it from the CSR to avoid further issues, like assigning the CSR in the future to keep it synced with your hosting server).
• Download the certification zip file cointaining two files like those ones ( gd_bundle-g2-g1.crt / xxxxxxxxxxxxxx.crt (includes other letters in place of x )
• Create a new conf file in your apache server sites-enabled folder, for the ssl configuration called like <yoursite>-ssl.conf and it should be filled in like below:
  
  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

  <VirtualHost *:80>    ServerName www.<yoursite>.com    ServerAlias <yoursite>.com    Redirect permanent / https://www.<yoursite>.com/ </VirtualHost>   <ifModule mod_ssl.c> <VirtualHost _default_:443>         ServerAdmin webmaster@localhost           DocumentRoot <yoursite_directory_public_html>         ServerName www.<yoursite>.com         ServerAlias <yoursite>.com           ErrorLog <yoursite_directory_log>/error.log         CustomLog <yoursite_directory_log>/access.log combined           SSLEngine on         SSLCertificateFile <yoursite_directory_certificates>/<yourdomain>.crt         SSLCertificateKeyFile <yoursite_directory_certificates>/<yourdomain>.key         SSLCertificateChainFile <yoursite_directory_certificates>/intermediate.crt           <FilesMatch "\.(cgi|shtml|phtml|php)$">                 SSLOptions +StdEnvVars         </FilesMatch>         <Directory /usr/lib/cgi-bin>                 SSLOptions +StdEnvVars         </Directory>   </VirtualHost> </IfModule>

  
  On the below example, you have to focus basically on those 3 files
  
  1 2 3

  SSLCertificateFile <yoursite_directory_certificates>/<yourdomain>.crt         SSLCertificateKeyFile <yoursite_directory_certificates>/<yourdomain>.key         SSLCertificateChainFile <yoursite_directory_certificates>/intermediate.crt

  
  where provided gd_bundle-g2-g1.crt is going to be SSLCertificateChainFile and xxxxxxxxxxxxxx.crt is going to be SSLCertificateFile.

   

  SSLCertificateKeyFile is going to be created with your csr file, explained on the first step.

• To make changes live, remember to reboot your apache server, refresh your site, and check the SSL certificate expiracy date.

In case your certificate has expired, and you just need to upgrade it, you won’t need to re-generate SSLCertificateKeyFile. You will just need to upgrade SSLCertificateChainFile and SSLCertificateFile with the provided new files from GoDaddy.