SSL Certificate Installation.
Wall Script
Follow Me:
Monday, July 09, 2012

SSL Certificate Installation.

I received many requests from my readers that asked to me how to configure SSL(https) for website like 9lessons labs. Actually I enable SSL for Facebook Application integration, nowadays most of the top sites allowing only secure https URL. In this post I explained few steps how to buy and setup a SSL certificate and configuration with XAMPP server in Ubuntu environment.

SSL Certificate Installation.

Live Demo

Step 1
Generating KEY file
root:/home# openssl genrsa -out domain.key 2048

Generating RSA private key, 1024 bit long modulus
e is 65537 (0x10001)

Step 2
Generating server CRT certificate file.
root:/home# openssl req -new -key domain.key -out domain.crt

Enter pass phrase for domain.key: Key Password

Country Name (2 letter code) [AU]:IN // Country Code 
State or Province Name (full name) [Some-State]:Tamilnadu // State 
Locality Name (eg, city) []:Chennai // City 
Organization Name (eg, company) [Internet Widgits Pty Ltd]:9lessons 
Organizational Unit Name (eg, section) []:software
Common Name (eg, YOUR name) [] //
Email Address [] // Domain Verification 

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:SSL Password // No special characters
An optional company name []:egglabs

Where to buy?
Many are available on web, I suggest go for SSL 123 Certificate and providing 21 days free trail click here. I ordered SSL 123 certificate from Bigrock these people providing Thawte certificates little cheaper.

SSL Certificate Installation.

Once SSL certificate order successful, download the domain.crt from your server and submit to SSL provider. SSL provider company eg. thawte will send you the domain verification mail to which you specified email in CRT file.

Sample CRT file
After domain owner confirmation SSL provider generate a new SSL CRT file. You can download this from SSL provider admin panel based on the order.

Copy the new generated CRT text into notepad and save as into ssldomain.crt. Upload this into your server.

Step 3
Copy files in XAMPP directories
root:/home# cp ssldomain.crt /opt/lampp/etc/ssl.crt/ssldomain.crt
root:/home# cp domain.key /opt/lampp/etc/ssl.key/domain.key

Step 4
Enable SSL extension in /opt/lampp/etc/httpd.conf
LoadModule ssl_module modules/

Step 5
Modify a Virtual Host /opt/lampp/etc/extra/httpd-ssl.conf
<VirtualHost _default_:443>

# General setup for the virtual host
DocumentRoot "/opt/lampp/htdocs"
ErrorLog /opt/lampp/logs/error_log
TransferLog /opt/lampp/logs/access_log

# Server Certificate:
SSLCertificateFile /opt/lampp/etc/ssl.crt/ssldomain.crt

# Server Private Key:
SSLCertificateKeyFile /opt/lampp/etc/ssl.key/domain.key

# Certificate Authority (CA):
SSLCACertificateFile /opt/lampp/etc/ssl.crt/ca.crt

You can download ca.crt file from, or click here to download this file. Same way upload into server copy into /opt/lampp/etc/ssl.crt/ directory.

Step 6
Enable the SSL port 443
Was this article helpful?
Thanks! Your feedback helps us to improve


  1. Awesome tutorial shri... you are such a webstar buddy...

  2. Useful! for looking for the exact same info for one of my project. Thanks much.

  3. this is really useful. could u please write something on PHP yii framework. it will really help to framework learning peoples

  4. Useful Article but i need some more in this... how can we install multiple ssl certificate on same ip?

    Thanks in Advance,
    Deven Patel

  5. Very nice!
    Once again, thank you!

  6. great article..very useful for me...

  7. Thanks,You posted great article

  8. I do search for ssl to protect xml from been downloaded.. Can u explain can ssl do protect xml file?


  9. sri, dude can you make 1tutorial for ssl installation in cpanel/whm? it would be great.

  10. I have setup ssl for nignx but error

    nginx: [emerg] SSL_CTX_use_certificate_chain_file("/etc/nginx/ssl/domain.crt") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib)
    nginx: configuration file /etc/nginx/nginx.conf test failed

  11. i have setup ssl for nginx but error

    server {
    limit_conn addr 10;

    ssl on;
    ssl_certificate /etc/nginx/ssl/domain.crt;
    ssl_certificate_key /etc/nginx/ssl/domain.key;

    root /usr/share/nginx/html;
    nginx: [emerg] SSL_CTX_use_certificate_chain_file("/etc/nginx/ssl/domain.crt") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib)
    nginx: configuration file /etc/nginx/nginx.conf test failed

  12. thanks for posting this article...! Nice one...!

  13. thanks, this post remind me...
    i just forget about it XD

  14. Hi Srinivas,

    Am getting this error "Unable to load config info from /usr/local/ssl/openssl.cnf"

    What could be possible cause?


  15. nice post.. i was in search for the same from a longer period

  16. Google Chrome blocked 4 JS files because they're not secure:

    Should we use to get our JS files through httpS as well?

  17. Does it make my server slow down?

  18. I've been looking for this tutorial really appreciate your way of your writing posts.

  19. Dude, I spent 3 days with no success using this tutorial you put up. I finally got this fixed right now using

    openssl req -nodes -newkey rsa:2048 -keyout domain.key -out domain.csr

    This is all on Apache ModSSL CentOS. all while doing this, I have tried 6 SSL companies and am very angry the problem is simply because i fail to follow the steps provided by the SSL companies.

  20. SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser.

  21. thank for share this tutorial, i like it :)

  22. its a wonderful post thanks for sharing this , awesome post..

  23. Really looking for such tutorial since long time, Appreciate for your efforts.

  24. Thanks for this article
    i was looking it all around

  25. Thanks a lot dude! I've been looking for this a very long time.

  26. Hi there! I followed your tutorial step by step, but I simply keep getting the same error after clicking the send button:

    API Error Code: 191
    API Error Description: The specified URL is not owned by the application
    Error Message: redirect_uri is not owned by the application.

    Note that my site is on my localhost and within the FB app settings I am providing a random website with SSL support. Might the problem be that I am not triggering the send button (and JS script) from the domain provided in the FB app settings?

    Thank you so much for your help.

  27. Thank you very much.

    Looks like Bigrock only support 2048 bits now, so had to generate the key with 2048 bits

    openssl genrsa -des3 -out domain.key 2048

  28. Thanks for the article. It was very helpful, especially the bigrock link you provided. I went through the link and found that they provide SSL Certificates at a cheaper price.

    Cheers for your good work!

  29. i have been browsing online more than 2 hours at the moment, but I never found several motivating article similar is attractive significance adequate for me.and now able to SSL Certificate Installation with my site or blogs thanks..

  30. Very informative article. You have described step by step installation process of SSL certification. Thanks

  31. It mean I have to buy the SSL, right?
    is there any way to make https without SSL or buying?


Make in India