I am at a loss, I have my certificate from Godaddy for the domain name.

The CentOS6.3 server is running Drupal 7 with Apache 2.2 (installed mod_ssl & openssl) packages.
The SSL certificate is for the redirection in Drupal (secure pages).

The Drupal has secure pages enabled so it redirects to https when the login is type in the URL: www.mysite.com/?q=user then it redirects to https

I have read the directions/howtos for installing the cert but I am still at a loss.

I have these files:

mydomain.name.crt
www_mydomain.name.key
gd_bundle.crt

My directory structure in /etc/pki/tls/certs :
[root@www tls]# ls -l
total 24
lrwxrwxrwx. 1 root root 19 Feb 6 07:50 cert.pem -> certs/ca-bundle.crt
drwxr-xr-x. 2 root root 4096 Jul 27 12:57 certs
drwxr-xr-x. 2 root root 4096 Jul 11 08:53 misc
-rw-r--r--. 1 root root 10906 May 15 04:52 openssl.cnf
drwxr-xr-x. 3 root root 4096 Jul 27 11:06 private


in this directory is my ssl.conf is this the file I need to edit??

[root@www conf.d]# pwd;ls -l
/etc/httpd/conf.d
total 28
-rw-r--r--. 1 root root 674 Jun 25 03:47 php.conf
-rw-r--r--. 1 root root 392 Feb 7 08:51 README
-rw-r--r--. 1 root root 9473 Jul 27 10:57 ssl.conf <-- is this it???
-rw-r--r--. 1 root root 302 Feb 6 15:45 welcome.conf

my document root in the httpd.conf (in /etc/httpd/conf) is:

DocumentRoot "/var/www/webdata"

From the (/etc/httpd/conf.d/ssl.conf) file

# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/pki/tls/certs/localhost.crt

# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt

# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt


Any help to get put the files in the right location and how I need to do my Apache directive would be great.

Note: I can post the complete (default) ssl.conf file and my httpd.conf file as well. I am struggling on how to get this to work.

You would need to create a duplicate virtual host for the :443 connection, you can put this in your ssl.conf. I used to work for GoDaddy so this is like a blast from the past heh.


You can update the paths on the files ot wherever you upload them to, I usually recommend creating another folder like /etc/httpd/conf/ssl/ to store them in to keep it organzied.

1 members found this post helpful.

Just a note, that SSL installs are a pain in the butt and you will have to re-install it every time you renew or purchase a new one. If you are planning on keeping the site I would buy one thats good for a few years so you don't have to go through this again next year.

If you are having issues with installing SSL on Drupal website, then you could try Cloudways hosting platform. Their platform allows you to host Drupal on cloud server in just few minutes and integrate SSL by clicking a simple button. However, their platform uses Debian 8, not CentOS. Here is more information on how you can install SSL on Drupal using their platform: http://www.cloudways.com/blog/lets-e...ssl-on-drupal/

click baiting

azazqadir you are aware that this WAS a dead thread from 2012