How to Install an SSL Certificate on a Bitnami LAMP Stack Running on CentOS 7

Securing your website with an SSL certificate is essential to protect sensitive information and build trust with your visitors. In this tutorial, we’ll guide you through the process of installing an SSL certificate on a Bitnami LAMP (Linux, Apache, MySQL, PHP) stack running on CentOS 7. This step-by-step guide will ensure that your website is served over HTTPS, encrypting data transmission and providing a secure browsing experience for your users.

. The thing to note here is that I am using centos 7 server. Oh yes, you have already seen your title, that’s why this page is there . so let’s start

To install SSL there are some simple steps which have to be followed

  1. Access your server: Log in to your CentOS 7 server where the Bitnami LAMP stack is installed via SSH. If you are accessing it locally, you can open a terminal.
  2. Open a terminal: If you are using a remote server, connect to it via SSH. On Windows, you can use tools like PuTTY or mobaxterm.
  3. Navigate to the Bitnami Apache directory: By default, the Bitnami LAMP stack is installed in the /opt/bitnami directory. Change to the Apache configuration directory
cd /opt/bitnami/apache2/conf

Now after doing so much you will need some things Like

  1. CSR File: CSR is one of the first steps towards getting your own SSL Certificate. Generated on the same server you plan to install the certificate on, the CSR contains information (e.g. common name, organization, country) the Certificate Authority (CA) will use to create your certificate. It also contains the public key that will be included in your certificate and is signed with the corresponding private key.

So let’s generate it

Generate the CSR: To generate the CSR, use the OpenSSL command-line tool. Replace your_domain_name with the actual domain name for which you want to generate the CSR:

openssl req -new -newkey rsa:2048 -nodes -keyout your_domain_name.key -out your_domain_name.csr

During this process, you will be asked to enter information like country, state, locality, organization, and common name (your domain name). Make sure to provide the correct information for your SSL certificate.

Enter the CSR information: You will be prompted to enter information for the CSR. For example:

Country Name (2 letter code) [XX]:IN
State or Province Name (full name) []:Jharkhand
Locality Name (eg, city) [Default City]:Ranchi
Organization Name (eg, company) [Default Company Ltd]:Learn Code Zone
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:example.com
Email Address []:
A challenge password :

Enter the appropriate information for your domain and organization. The “Common Name” should be your domain name (e.g., example.com).

Here in place of “Learn Code Zone” you need to give your company and domain name. And together with the location also give the your company location and details .

Now your csr file is generated. you can see in this path.

cd /opt/bitnami/apache2/conf/example.com.csr

Backup the private key: After generating the CSR, back up the private key (example.com.key) and store it securely.

Submit the CSR: Submit the CSR file (example.com.csr) to a trusted Certificate Authority. They will verify your domain ownership and provide you with the SSL certificate files once the validation process is complete.

Configure SSL certificate: Once you receive the SSL certificate files (e.g., example.com.crt and CA intermediate certificates), configure SSL in your Apache virtual host configuration to enable SSL for your domain.

How to upload CSR

You have to submit CSR from wherever you have bought SSL. And in many places the domain is also to be given for the domain for which ssl is going to be installed.

Now copy code from your .csr file and upload . If there is some extra space then it has to be removed carefully.It is often removed in just one backspace.

it should look something like this

Confirm that you own the domain

Now you have to verify the domain, many options are available in this step . But I agree that if you want to verify quickly, you can do it by email or by uploading the file to the root directory of your server.

Upload file:

Create “.well-known” and “pki-validation” folders at example.com/.well-known/pki-validation/ and upload the validation file 

and you should be able to access the file via both links:

http://example.com/.well-known/pki-validation/E6824375E817349404E92FK414C32ECC.txt
http://www.example.com/.well-known/pki-validation/E6824375E817349404E92FK414C32ECC.txt

After this it will take some time after verify, after that you will get a zip file on your mail.

In this you will get these three files

It has to be downloaded and uploaded in your conf directory

Now Edit Apache Virtual Host configuration: Open the Apache Virtual Host configuration file for your domain. Replace example.com with your actual domain name:

cd /opt/bitnami/apache2/conf/bitnami/bitnami.conf

Configure SSL settings: Inside the VirtualHost block, add the following lines to enable SSL and point to the SSL certificate files:

<VirtualHost _default_:443>
  DocumentRoot "/opt/bitnami/apache2/htdocs"
  ServerName example.com
  SSLEngine on
  SSLCertificateFile "/opt/bitnami/apache2/conf/ssl/example.com.crt"
  SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key" # Path to the private key file generated during CSR
  SSLCertificateChainFile "/opt/bitnami/apache2/conf/ssl/intermediate.crt" # Optional if you have intermediate certificates
  ...
</VirtualHost>

Replace /opt/bitnami/apache2/conf/server.key with the path to the private key file that you generated during CSR generation.

Restart Apache: Finally, restart Apache for the changes to take effect:

cd /opt/bitnami/
./ctlscript.sh restart

You can use https instead of http

Even after that if you are not able to use https then your port is disabled. then you have to open the port

For that copy and paste this code in putty

iptables -I INPUT -p tcp --dport 25 -j ACCEPT
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -p tcp --dport 465 -j ACCEPT
iptables -I INPUT -p tcp --dport 587 -j ACCEPT
iptables -I INPUT -p tcp --dport 8890 -j ACCEPT
iptables -I INPUT -p tcp --dport 514 -j ACCEPT
iptables -I INPUT -p tcp --dport 3306 -j ACCEPT

Conclusion:

By following these steps, you’ve successfully installed an SSL certificate on your Bitnami LAMP stack running on CentOS 7. Your website is now securely served over HTTPS, providing a safe browsing experience for your visitors and building trust in your online presence. Always remember to keep your private key secure and follow SSL certificate renewal procedures as required by your Certificate Authority. Enjoy the benefits of a secure website and the peace of mind it brings to both you and your users.

Hey folks, I'm Vivek Kumar Pandey, a software engineer with a passion for crafting elegant solutions to complex problems. From the bustling streets of Mumbai to the heart of Bangalore's tech scene, I've journeyed through the world of programming, leaving my mark one line of code at a time. Join me as I continue to explore, innovate, and push the boundaries of what's possible in the digital realm.

Related Posts

Exporting and Importing SQL Databases in phpMyAdmin Using XAMPP and Command Prompt

Managing databases is an essential task for developers and administrators alike. Whether you’re migrating data, backing up your database, or deploying updates, having the right tools and…

Mastering Cron Expressions: A Comprehensive Guide

Cron expressions are a powerful tool that enables automation and task scheduling on Unix-like operating systems. Whether you’re a systems administrator, a developer, or simply someone interested…

Transfer Files using SFTP In Window

In this article, I am going to learn you how you can download any file from any server, for that no software is required, just you must…

PrestaShop Custom Registration Field

Hello friend I am going to teach you in this tutorial that if you want to add a new field in the registration form of PrestaShop,1.7 how can…

Prestashop Webservice In Post/Put JSON Data In the body

To Post/Put data Prestashop Web service uses XML. If you want to use JSON, you need to modify Webservice and convert JSON to XML or directly JSON to data….

Leave a Reply

Your email address will not be published. Required fields are marked *