PhD Social Science Setup APACHE HTTPD FOR SSL FROM ZEROSSL.COM … . CODE BY SKRAITO ( GOD CLONE ) AND LORD JESUS CHRIST … . WITH ADDED IF YOU NEED PHP WHICH IS WORDPRESS AND THE REST … .

To configure Apache HTTPD with ZeroSSL, you must download your certificate files, enable the Apache SSL module, and point your Virtual Host configuration to the certificate paths.

Prerequisites

Make sure you have downloaded the Apache server type zip file from ZeroSSL. Unzipping it provides three essential files:

• certificate.crt (Your primary domain certificate)
• ca_bundle.crt (The certificate authority bundle)
• private.key (The private key generated during the request process)

---

1. Upload Certificate Files

Move the files securely onto your server. Standard practice dictates placing keys and certificates into separate, protected directories:

• Place certificate.crt and ca_bundle.crt in /etc/ssl/
• Place private.key in /etc/ssl/private/

Tip: Adjust file permissions so only root can access your private key (chmod 600 /etc/ssl/private/private.key).

2. Enable Apache SSL Module

Apache requires its SSL module enabled to manage secure connections. Run the appropriate command depending on your operating system:

• Ubuntu / Debian: bash sudo a2enmod ssl Use code with caution.
• CentOS / RHEL:
  Ensure mod_ssl is installed: bash sudo yum install mod_ssl Use code with caution.

3. Configure the Apache Virtual Host

Locate your virtual host file. On Ubuntu/Debian, this is typically found in /etc/apache2/sites-available/. On CentOS/RHEL, it is often in /etc/httpd/conf.d/ssl.conf.

Open the configuration file and either update or add a port 443 Block:

apache

<VirtualHost *:443>
    ServerName ://yourdomain.com
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile /etc/ssl/certificate.crt
    SSLCertificateKeyFile /etc/ssl/private.key
    SSLCertificateChainFile /etc/ssl/ca_bundle.crt

    # Optional security optimizations
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    SSLCipherSuite HIGH:!aNULL:!MD5
</VirtualHost>

Use code with caution.

4. Redirect HTTP to HTTPS (Optional)

To force all incoming unencrypted web traffic over to HTTPS, append an port 80 configuration block to your configuration:

apache

<VirtualHost *:80>
    ServerName ://yourdomain.com
    Redirect permanent / https://://yourdomain.com/
</VirtualHost>

Use code with caution.

5. Verify and Restart Apache

Before applying changes, test your syntax configuration for errors:

• Ubuntu / Debian: bash sudo apache2ctl configtest Use code with caution.
• CentOS / RHEL: bash sudo httpd -t Use code with caution.

If the terminal returns Syntax OK, restart the web server daemon:

• Ubuntu / Debian: bash sudo systemctl restart apache2 Use code with caution.
• CentOS / RHEL: bash sudo systemctl restart httpd Use code with caution.

6. Test Your Setup

Open your web browser and navigate directly to your domain via https://yourdomain.com. You can also paste your URL into the official ZeroSSL Installation Checker to verify the certificate parameters are broadcasting correctly.

DON’T FORGET TO OPEN YOUR FIREWALL … .

Step-by-Step Breakdown

If you prefer to run the commands individually, follow these steps:

1. Add HTTP (Port 80) permanently: bash sudo firewall-cmd --permanent --zone=public --add-service=http Use code with caution.
2. Add HTTPS (Port 443) permanently: bash sudo firewall-cmd --permanent --zone=public --add-service=https Use code with caution.
3. Reload Firewalld to apply the new rules immediately: bash sudo firewall-cmd --reload

LIST ALL FIREWALL THAT ALLOW IN PUBLIC

sudo firewall-cmd –zone=public –list-all