← Back to Home
SSL Installation Guide
Install SSL certificates on Apache and Nginx with production-ready configs. Extra notes for cPanel, Plesk, and AWS ACM are included.
Overview
- Example domain: sslcheckpro.com
- Files used:
sslcheckpro.com.crt,sslcheckpro.com.key, andintermediate-chain.crt - Always install the full chain (server cert + intermediate)
Generate CSR and Private Key (OpenSSL)
# Private key openssl genrsa -out sslcheckpro.com.key 2048 # CSR (interactive) openssl req -new -key sslcheckpro.com.key -out sslcheckpro.com.csr \ -subj "/C=IN/ST=Gujarat/L=Ahmedabad/O=SSL Checker Pro/OU=IT/CN=sslcheckpro.com" # CSR with SANs (sslcheckpro.com + www) cat > san.cnf <<'EOF' [ req ] default_bits = 2048 prompt = no default_md = sha256 req_extensions = req_ext distinguished_name = dn [ dn ] C = IN ST = Gujarat L = Ahmedabad O = SSL Checker Pro OU = IT CN = sslcheckpro.com [ req_ext ] subjectAltName = @alt_names [ alt_names ] DNS.1 = sslcheckpro.com DNS.2 = www.sslcheckpro.com EOF openssl req -new -key sslcheckpro.com.key -out sslcheckpro.com.csr -config san.cnf
Apache (httpd) Setup
sudo mkdir -p /etc/ssl/sslcheckpro sudo cp sslcheckpro.com.crt /etc/ssl/sslcheckpro/ sudo cp intermediate-chain.crt /etc/ssl/sslcheckpro/ sudo cp sslcheckpro.com.key /etc/ssl/sslcheckpro/ # VirtualHost <VirtualHost *:443> ServerName sslcheckpro.com ServerAlias www.sslcheckpro.com DocumentRoot /var/www/sslcheckpro SSLEngine on SSLCertificateFile /etc/ssl/sslcheckpro/sslcheckpro.com.crt SSLCertificateKeyFile /etc/ssl/sslcheckpro/sslcheckpro.com.key SSLCertificateChainFile /etc/ssl/sslcheckpro/intermediate-chain.crt Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" </VirtualHost> # HTTP → HTTPS redirect <VirtualHost *:80> ServerName sslcheckpro.com ServerAlias www.sslcheckpro.com Redirect permanent / https://sslcheckpro.com/ </VirtualHost> sudo apachectl configtest sudo systemctl reload httpd # or apache2
Nginx Setup
sudo mkdir -p /etc/nginx/ssl/sslcheckpro
sudo cp sslcheckpro.com.crt /etc/nginx/ssl/sslcheckpro/
sudo cp intermediate-chain.crt /etc/nginx/ssl/sslcheckpro/
sudo cp sslcheckpro.com.key /etc/nginx/ssl/sslcheckpro/
server {
listen 80;
server_name sslcheckpro.com www.sslcheckpro.com;
return 301 https://sslcheckpro.com$request_uri;
}
server {
listen 443 ssl http2;
server_name sslcheckpro.com www.sslcheckpro.com;
root /var/www/sslcheckpro;
ssl_certificate /etc/nginx/ssl/sslcheckpro/sslcheckpro.com.crt;
ssl_certificate_key /etc/nginx/ssl/sslcheckpro/sslcheckpro.com.key;
ssl_trusted_certificate /etc/nginx/ssl/sslcheckpro/intermediate-chain.crt;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
}
sudo nginx -t
sudo systemctl reload nginx
Control Panels & Cloud
cPanel
- Login → SSL/TLS → Manage SSL Sites → Install
- Paste certificate, private key, and CA bundle (chain)
Plesk
- Websites & Domains → SSL/TLS Certificates → Add
- Upload cert, key, and chain then assign to hosting
AWS Certificate Manager
- Request public certificate for sslcheckpro.com (+ www)
- Validate via DNS; attach to ALB or CloudFront
Troubleshooting
- Not trusted: install the intermediate chain
- Name mismatch: ensure SANs include exact hostnames
- Mixed content: update all asset URLs to HTTPS
- Key/cert mismatch: verify modulus or fingerprint
Verify Installation
Test sslcheckpro.com with our tools: