Configure HTTPS for Apache HTTP Server on CentOS 7
· One min read
CentOS 7 is end-of-life, so use a supported operating system for new deployments. For a legacy host, install Apache and the TLS module, then configure a certificate issued for the site's hostname.
sudo yum install httpd mod_ssl
sudo apachectl configtest
Example virtual host:
<VirtualHost *:443>
ServerName example.com
DocumentRoot /var/www/example
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/example.crt
SSLCertificateKeyFile /etc/pki/tls/private/example.key
SSLCertificateChainFile /etc/pki/tls/certs/example-chain.crt
</VirtualHost>
Redirect HTTP to HTTPS:
<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://example.com/
</VirtualHost>
Validate and reload:
sudo apachectl configtest
sudo systemctl reload httpd
Protect the private key, allow ports 80 and 443 through the firewall, use current protocols and ciphers, automate certificate renewal, and test the complete certificate chain from an external client.