Now is the time to switch to secured connections via SSL. Howto for Apache 2.4

Since a couple of moths Google is using SSL as a ranking signal which means that the use of secured SSL connections will improve the ranking of your page in the Google Serp. Furthermore it will increase the trust in your project if you use SSL connections. Switching to SSL is has never been easier than now. Here a short step-by-step guide which is showing you how to make your website secure.

Step 1: Create your a private and public key

The first thing you have to do to get started with encrypting your website is getting creating a SSL key and a certification request file based on that key. Using Linux this step is very easy. Just execute the following tow commands.

openssl genrsa -out mykey.key 2048 
openssl req -new -key mykey.key -out mykey.csr -config req.conf

The directory where you execute the command has also to contain the following req.conf:

[ req ]
default_bits        = 2048
default_keyfile     = mykey.key
distinguished_name  = req_distinguished_name
req_extensions     = req_ext # The extentions to add to the self signed cert

[ req_distinguished_name ]
countryName           = US
countryName_default   = US
stateOrProvinceName   = Colorado
stateOrProvinceName_default = Colorado
localityName          = Denver
localityName_default  = Denver
organizationName          =
organizationName_default  =
commonName            =
commonName_max        = 64

[ req_ext ]
subjectAltName          = @alt_names

DNS.1   =
DNS.2   =

Important: The [ req_ext ] and [alt_names] sections are only needed if you want to issue a certificate which is valid for multiple domains. Otherwise you can just leave these tow sections out.
Step 2: Now we arrived at the time where you have to issue your SSL certificate. You can either do that for free or get a commercial certificate. The advantage of the latter solution is that these certificates are recognized by all common web-browsers while the free certificates still have some acceptance issues.

A a really good provider of free SSL certificates is The acceptance of these free SSL certificates will increase with the time so it is definitely worth considering this option. If you decide to get a non-free certificate you might have a look at or to get cheap ones.

The certificates are simply issued after you uploaded your CSR Request file you have created before. If you got your certificate the only thing missing is to correctly setup your Apache Webserver

Step 3: Configure your webserver to use the SSL Certificates
The easiest way to do is to use virtual hosts. Adding the following two configs to your webserver will do both enable SSL and also maintain the normal HTTP connection.

<VirtualHost *:443>

   <Directory "/var/www/html">
      Require all granted

    DocumentRoot /var/www/html
    SSLEngine On
    SSLCertificateFile /etc/httpd/conf.d/ssl.key/cert.crt
    SSLCertificateKeyFile /etc/httpd/conf.d/ssl.key/djvupdf.key
    SSLCACertificateFile /etc/httpd/conf.d/ssl.key/

<VirtualHost *:80>
    DocumentRoot /var/www/html

   <Directory "/var/www/html">
      Require all granted

The files cert.crt and will be provided by your certification authority after the transaction has been completed.

Step 4: Solving SEO issues and testing your SSL configuration
Now you are done already. Your server is reachable via secured connections now. You can test if your SSL configuration is up-to-date at the following site:

If you get an A+ to A- there you are completely fine.

In case you did not disable the normal HTTP connection to your server there is a little issue with duplicate content you should solve. Search engines do not like duplicate content therefore you should tell them which is the preferred version of your site. This can be done easily by including the so-called canonical tag to the header section of your pages and setting it to the https:// URL of the particular page. This will fix those issues. Make sure, that the URL is exact!

A example how this looks like is the following line. Make sure to put it in the head section:

<link rel="canonical" href="" />

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: