In order to install successfully a chain certificate (in my environment it was issued by Entrust) on a Red hat you should edit the following entries in the /etc/httpd/conf.d/ssl.conf apache file.
#Server Certificate SSLCertificateFile /path/to/public.pem #Server Private Key SSLCertificateKeyFile /path/to/private.pem #Server Certificate Chain SSLCertificateChainFile /path/to/chain.crt #Certificate Authority SSLCertificateFile /path/to/root-ca.pem
After the changes you should restart apache so that the changes take place. Keep in mind that if the certificate is password protected, you will be asked for an ssl passphrase that you should provide in order for the restart to be completed.
service httpd restart
You can ensure that the certificate is installed successfully by using the following command:
openssl s_client -connect HOSTNAME:443
Your response should look like:
Verify return code: 0 (ok)
[…] http traffic to https. You can view my blog post on how to install your apache SSL certificate from here. Redirection can be implemented by adding the appropriate rule in your .htaccess […]
[…] Lastly you can validate your certificate correctness by following my relevant article https://blog.geralexgr.com/cloud/install-entrust-ssl-chain-certificate-apache-2-red-hat-configuratio… […]