tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
SSL Certificate Service
    Documentation
    Download PDF

    Installing an SSL Certificate on an Apache Server (Windows)

    Last updated: 2024-03-06 17:38:42
    Download PDF

      Overview

      This document describes how to install an SSL certificate on an Apache server.
      Note:
      The certificate name cloud.tencent.com is used as an example.
      The Apache/2.4.53 version is used as an example. The default port is 80. You can download it from the Apache official website. If you need to use another version, contact us.
      The current server OS is Windows Server 2012 R2. Detailed steps vary slightly by OS.
      Before you install an SSL certificate, enable port 443 on the Apache server so that HTTPS can be enabled after the certificate is installed. For more information, see How Do I Enable Port 443 for a VM?.
      For detailed directions on how to upload SSL certificate files to a server, see Copying Local Files to CVMs.

      Prerequisites

      Install the Apache service on the current server.
      The data required to install the SSL certificate includes the following:
      Name
      Description
      Server IP address
      IP address of the server, which is used to connect the PC to the server.
      Username
      The username used to log in to the server.
      Password
      The password used to log in to the server.
      Note:
      For a CVM instance purchased on the Tencent Cloud official website, log in to the CVM console to get the server IP address, username, and password.

      Directions

      Step 1. Upload the certificate file

      1. Log in to the SSL Certificate Service console, and click Download for the certificate you need to install.
      2. In the pop-up window, select Apache for the server type, click Download, and decompress the cloud.tencent.com certificate file package to the local directory. After decompression, you can get the certificate file of the corresponding type, which includes the cloud.tencent.com_apache file.
      Folder: cloud.tencent.com_apache
      Files in the folder:
      root_bundle.crt: certificate file
      cloud.tencent.com.crt: certificate file
      cloud.tencent.com.key: Private key file
      cloud.tencent.com.csr: CSR file
      Note: You can upload the CSR file when applying for a certificate or have it generated online by the system. It is provided to the CA and irrelevant to the installation.
      3. Log in to the Apache server via the RDP port.
      Note:
      For detailed directions, see Uploading Files from Linux to Windows CVM using RDP.
      We recommend that you use CVM's file upload feature for deployment to CVM.
      4. Copy the root_bundle.crt certificate file, cloud.tencent.com.crt certificate file, and cloud.tencent.com.key private key file from the local directory to the ssl.crt and ssl.key folders under the \\conf directory of the Apache server, respectively.
      SSL Certificate File
      Folder
      root_bundle.crt
      ssl.crt
      cloud.tencent.com.crt
      cloud.tencent.com.key
      ssl.key
      

      Step 2. Configure the file

      1. Open the httpd.conf file in the conf directory of the Apache server with a text editor and delete the # before the following fields.
      #LoadModule ssl_module modules/mod_ssl.so
      #Include conf/extra/httpd-ssl.conf
      2. Open the httpd-ssl.conf file in the conf\\extra directory of the Apache server with a text editor.
      3. Modify the httpd-ssl.conf file and set the following field parameters to the paths of the uploaded certificate files as shown below:
      SSLCertificateFile "C:/apache/conf/ssl.crt/cloud.tencent.com.crt"
      SSLCertificateKeyFile "C:/apache/conf/ssl.key/cloud.tencent.com.key"
      SSLCACertificateFile "C:/apache/conf/ssl.crt/root_bundle.crt"
      4. Restart the Apache server and then you can access it through https://cloud.tencent.com.
      If the security lock icon is displayed in the browser, the certificate has been installed successfully.
      In case of a website access exception, troubleshoot the issue by referring to the following FAQs:
      Website Inaccessible After an SSL Certificate is Deployed
      "Your Connection is Not Secure" is Displayed After the SSL Certificate is Installed
      Why Does the Website Prompt "Connection Is Untrusted"?
      404 Error After the SSL Certificate is Deployed on IIS

      (Optional) Security configuration for automatic redirect from HTTP to HTTPS

      1. Open the httpd.conf file in the conf directory of the Apache server with a text editor and delete the # before the following fields.
      #LoadModule rewrite_module modules/mod_rewrite.so
      2. Configure the fields in the website running directory. For example, add the following content to the <Directory "C:/xampp/htdocs"> field:
      <Directory "C:/xampp/htdocs">
      RewriteEngine on
      RewriteCond %{SERVER_PORT} !^443$
      RewriteRule ^(.*)?$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
      </Directory>
      3. Restart the Apache server and then you can access it through both https://www.tencentcloud.com/ (which will be automatically redirected to https://www.tencentcloud.com/) and https://www.tencentcloud.com/.
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy