How to Create CSR and Install a Wildcard SSL Certificate on Apache Using OpenSSL

This article is an end-to-end demonstration of steps to build a CSR for wildcard SSL certificates using OpenSSL and then a complete process of installation of a certificate on the Apache web server. This guide will assure a successful configuration of a website with HTTPS.

Let’s get into the first phase where we will show you how to create CSR using OpenSSL for a wildcard SSL certificate.

Steps for Generating a CSR for Wildcard SSL on Apache Web Server Using OpenSSL

Step 1:  Access your terminal client (ssh) on your web server.

Step 2:  Enter the following command: openssl req –new –newkey rsa:2048 –nodes –keyout server.key –out server.csr

Note: Change the server name in a command with the original server name.

Step 3:  Enter the name of a fully qualified domain name (FQDN) using an asterisk mark. For example; *.example.com.

Note: We are generating a CSR for a wildcard certificate, hence an asterisk mark is required.

Step 4:  Enter the prerequisite details of the organization, geographical information, etc.

Step 5:  That’s it! You are done with OpenSSL CSR for a wildcard SSL certificate.

Note: Along with a CSR file, you will have one more file called the “Private Key” that you need to keep on the same machine where you generated the Certificate Signing Request file.

Now, we are heading to the second phase where we will demonstrate Apache Wildcard SSL Certificate Installation.

Steps for Installing a Wildcard Certificate on Apache Web Server

Step 1: Download the set of your files from the Certificate Authority interface. The folder will contain two important files: the intermediate certificate (RapidSSLCA.crt) and primary certificate (your_domain_name.crt).

Step 2: Copy these files on your server along with the Private Key file.

Step 3:  Discover Apache httpd.conf — the configuration of Apache. You will need to edit it.

Note: You would have Apache’s configuration file named httpd.conf or apache2.conf on the locations /etc/httpd/ or /etc/apache2/.

Step 4:  Validate the <VirtualHost> block for further SSL configuration.

Note: You could prefer both the version of a website, like if want to access a website through a secure way and at the same time, a website should be accessible non-secure way too.

Step 5:  Configure the <VirtualHost> block for secure connection. Here is the sample example of the SSL-enabled <VirtualHost> block, and you need to follow the same for yours.

<VirtualHost 192.168.0.1:443>

    DocumentRoot /var/www/html2

    ServerName www.yourdomain.com

        SSLEngine on

        SSLCertificateFile /path/to/your_domain_name.crt

        SSLCertificateKeyFile /path/to/your_private.key

        SSLCertificateChainFile /path/to/RapidSSLCA.crt

    </VirtualHost>

Note: Double check the naming conventions for files — your files should be named properly.

Step 6:  That’s it. Restart your Apache server and check wildcard SSL certificate installation through SSL checker tool.