How to install SSL for WordPress on Apache server

This tutorial assumes your site is running on an Apache server and you have sufficient SSH knowledge. You will need to have root SSH access to complete these changes.

1. Login to your SSH console

If you have Apache server running on cloud platforms like AWS or Digital Ocean, you might be able to login via SSH using Launch Console option. Otherwise, you can login using SSH key file or password via terminal.

2. Determine your Apache server version

If you are sure about having httpd or apache2 server, please proceed to next step.

Running the below SSH commands will help you identify whether you have httpd or apache2 server.

sudo systemctl is-enabled httpd

sudo systemctl is-enabled apache2

One of these will respond with enabled. Please follow below steps based on which server type is enabled.

3. Install SSL for Apache httpd server

Please run the below SSH command to install SSL module if not already installed:

sudo yum update -y

sudo yum install -y mod_ssl

If you have Linux 2, please run below command instead of above one

sudo yum install -y mod24_ssl

3a. Modify httpd config file with correct SSL paths

Now it’s time to correct the SSL cert, key and ca bundle paths in default config file. CD into /etc/httpd/conf.d/ and edit ssl.conf file

cd /etc/httpd/conf.d/

sudo nano ssl.conf

You need to look for SSLCertificateFile, SSLCertificateKeyFile & SSLCACertificateFile lines. Assuming your site is hosted / stored in /var/www/ directory and SSL certificates generated with WP Encryption WordPress plugin stored in keys directory, modify the 3 lines to look like this:

SSLCertificateFile /var/www/keys/certificate.crt
SSLCertificateKeyFile /var/www/keys/private.pem
SSLCACertificateFile /var/www/wp-content/plugins/wp-letsencrypt-ssl/cabundle/ca.crt

Save the file by pressing CTRL+O and exit editor with CTRL+X. CMD+O and CMD+X on Mac Terminal.

3b. Restart httpd server for SSL changes to take effect

Now we are done with the server config changes, it’s time to restart apache httpd server once for changes to take effect. Please run the below SSH commands to do so:

sudo systemctl restart httpd

OR

sudo service httpd restart

Your HTTPS site should be working perfectly now!.

4. Install SSL for Apache2 server

Enable SSL module using below command if not already enabled

sudo a2enmod ssl

cd /etc/apache2/ and check if sites-available & sites-enabled directory exists. if exists – cd into sites-available and you should find a config file like default-ssl.conf. Using the default file name, Please run the below command to enable it and then modify this file,

sudo a2ensite default-ssl.conf
sudo nano default-ssl.conf

If you don’t find sites-available & sites-enabled directory, You should probably modify apache2.conf file.

You need to look for SSLCertificateFile, SSLCertificateKeyFile & SSLCACertificateFile lines. Assuming your site is hosted / stored in /var/www/html/ directory and SSL certificates generated with WP Encryption WordPress plugin stored in keys directory, modify the 3 lines to look like this:

SSLCertificateFile /var/www/html/keys/certificate.crt
SSLCertificateKeyFile /var/www/html/keys/private.pem
SSLCACertificateFile /var/www/html/wp-content/plugins/wp-letsencrypt-ssl-pro/cabundle/ca.crt

Save the file by pressing CTRL+O and exit editor with CTRL+X. CMD+O and CMD+X on Mac Terminal.

4a. Restart Apache2 server for SSL changes to take effect

Now we are done with the server config changes, it’s time to restart apache2 server once for changes to take effect. Please run the below SSH commands to do so:

sudo systemctl restart apache2

OR

sudo service apache2 restart

Your HTTPS site should be working perfectly now!.