Renewing a SSL Certificate for Apache2 in Ubuntu 20.04
First you have to generate a new csr and key files.
It is not recommended to reuse your old CSR file.
openssl req -new -newkey rsa:2048 -nodes -keyout blog_carles_mateo_com_2022.key -out blog_carlesmateo_com_2022.csr
As you can see I used the name of the domain and the year for the new files to be generated to easily distinguish them.
When you’re asked for the password, in the additional fields, keep that password safe in case you need the Cert to be reissued to you.
You’ll need to submit the CSR file to your SSL provider. They will return you the CRT and the CA-BUNDLE files.
Edit your Apache config file for the SSL site.
For example:
/etc/apache2/sites-enabled/11-https-blog-carlesmateo-com.conf
Your conf file will look similar to this:
<VirtualHost *:443> ServerAdmin webmaster@yourdomain.cat DocumentRoot /opt/sites/www/blog.carlesmateo.com ServerName blog.carlesmateo.com SSLEngine on SSLCertificateFile /opt/sites/certs/2022/blog_carlesmateo_com_2022.crt SSLCertificateKeyFile /opt/sites/certs/2022/blog_carlesmateo_com_2022.key SSLCertificateChainFile /opt/sites/certs/2022/blog_carlesmateo_com_2022.ca-bundle ...
Before restarting Apache2, test the configuration for syntax errors with:
apache2ctl -t
If all is good, restart your Web Server with:
service apache2 restart
With a browser, verify that the information of the domain is right. I recommend you to check in Firefox and Chrome at least.
Rules for writing a Comment