Best practices for placing SSL certificates for use in Apache 2?

view story

http://serverfault.com – In an environment where a handful of Apache servers are running a bunch of sites using SSL certificates for HTTPS, where should these certificates be placed? In Debian or Ubuntu, should all relevant files be put in /etc/apache2/ssl? Or is there some other location better suited for this? What security concerns should be addressed when choosing locations for these files for multiple websites on the same server? (HowTos)

Submitted by grtyyu on 08/19/2011

Login or register to post comments
Email this page

Stories similar to Best practices for placing SSL certificates for use in Apache 2?

Multiple SSL certificates on Apache using multiple public IPs - not working 26 weeks 12 hours ago

I need configure multiple SSL certificates on a single Apache server.

transfer SSL certifcate from one CentOs machine to another 1 year 24 weeks ago

I have been tasked with transferring SSL certificates from one server to another for a website. I know nothing about this but have been reading that if everything is the same on the 2 servers then I should be able to just copy some files. Otherwise I have regenerate something.

The original server is CentOs machine running apache that has several websites on it.

[ubuntu] Apache not starting after installing SSL certificate on vhost 8 weeks 4 days ago

Hello!

I tried to install a already existing certificate from GoDaddy on a website in ISPConfig3. I first enabled the SSL checkbox, then copy/pasted the certificate in the SSL tab.

After I did this, apache crashed, and could not start. I'll admit I panicked a bit, but further on I navigated to /var/www/example.com/ssl, and deleted the certificates.

Certificates management in Android 4.2 15 weeks 4 days ago

I have a tablet running Android 4.2 with multiple users configured. I want to install certificates which can be accessed by the secondary user (basically I want to configure an Email account in the secondary user which requires certificates). I installed certificates in the primary user.

Disabling Apache Directives That Don't Have an "Off" Value 27 weeks 3 days ago

I want certain Apache directives, like SSLCACertificateFile, to be enabled in some Locations, but disabled in others.

How to Enable multiple SSL vhosts and certificates on a single IP with Apache 1 year 14 weeks ago

I want apache that Supproted enable multiple SSL vhosts and certificates on a single IP with Apache ,

my configuration file as follows : Please Help me .

Is it a good idea to use cacert SSL certificates instead of self signed one in production? 36 weeks 6 days ago

At work, I have a bunch of web interfaces that use plain http or self signed certificates (load balancer management interface, internal wiki, cacti, ...).

None is reachable from outside specific vlans/networks.

For home usage, I use cacert SSL certificates.

I was wondering if I should suggest my employer to use cacert SSL certificates instead of self signed certificates and plain http.

How do certificates aid in security? [closed] 41 weeks 3 days ago

How do certificates aid in security? I know it has something to do with proving identity.

Is there an example or analogy to help understand this?

Also what are the different types of certificates?

Thanks

Update Verisign certificates 35 weeks 2 hours ago

My bank has asked me to update my web servers certificates (the ones used to sign their api interface for credit card transactions).

The old verisign certificates were 1024bit and the new ones are 2048bit.

Using 12.04

How do I update the certificates?

Best practices for placing SSL certificates for use in Apache 2?

Search

Best published stories

Beautiful linux wallpapers

Tags