Adding an SSL certificate to your VPS

This article provides instructions for setting up SSL for a site hosted on your WebEnabled VPS. You will need to purchase an SSL certificate from a third party. You will also need to purchase a dedicated IP address from WebEnabled if you do not have a free IP address on your VPS (each VPS comes with 1 dedicated IP, but you can add more for a monthly fee).

Edit httpd.conf (uncomment)

Make sure the following line is not commented:

Listen 443

This will tell Apache to listen on https://www.yoursite.com/.

Edit /etc/httpd/conf/virtwww/w_USER.conf

Replace the existing contents with the example below. You will need to adjust the values appropriately.

SSLCertificateChainFile /etc/ssl/certs/USER.heX.vps.webenabled.net.ca
SSLCACertificateFile /etc/ssl/certs/USER.heX.vps.webenabled.net.ca
NameVirtualHost 216.218.250.123:80
Use Vhost-simple w_USER * USER heX.vps.webenabled.net "user.heX.vps.webenabled.net www.USER.heX.vps.webenabled.net yoursite.com www.yoursite.com" "/home/clients/websites/w_USER" uJMsEo7cxg
Use Vhost-simple-SSL w_USER * USER heX.vps.webenabled.net "USER.heX.vps.webenabled.net www.USER.heX.vps.webenabled.net yoursite.com www.yoursite.com" "/home/clients/websites/w_USER" uJMsEo7cxg
Edit /etc/httpd/conf/include/virtwww.conf

Replace the Vhost-multi-sitenames-live-SSL with the following:

<Macro Vhost-multi-sitenames-live-SSL $User $IP $Name $Domain $Aliases $Home>
Use Vhost-multi-sitenames-live-SSL-certname "$Name.$Domain" "$User" "$IP" "$Name" "$Domain" "$Aliases" "$Home"
</Macro>
cert, ca, and key files added with the appropriate values in each file

Create the certificate files and add the values provided when you purchased your SSL certificate.

heX!root:/etc/httpd/conf/include# cd /etc/ssl
heX!root:/etc/ssl# ls
certs keys
heX!root:/etc/ssl# ls certs/USER.heX.vps.webenabled.net USER.heX.vps.webenabled.net.ca
heX!root:/etc/ssl# ls keys/USER.heX.vps.webenabled.net
Check the Apache config and then graceful restart

If there are no errors in the configtest then you can restart Apache gracefully. Then check that it works in your browser.

heX!root:~# apachectl configtest
heX!root:~# apachectl graceful