StartSSL™
Sign-up for Free
 
StartSSL™
en  fr  de  ru  cz     






StartSSL™ EV

Supported Browsers and Platforms

StartSSL™ - The Swiss Officer's Knife of Digital Certificates & PKI

 
StartSSL™ Free

Apache Web Server

 
First of all you have to load the mod_ssl module. Many distributions and packages have this module shipped by default, otherwise check the documentation of Apache how to do this.

To configure a default SSL/TLS aware virtual server, you should add at least the following lines to your httpd.conf or ssl.conf file:

LoadModule ssl_module modules/mod_ssl.so

Listen 443

<VirtualHost _default_:443>
   DocumentRoot /home/httpd/private
   ErrorLog /usr/local/apache/logs/error_log
   TransferLog /usr/local/apache/logs/access_log
   SSLEngine on
   SSLProtocol all -SSLv2
   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

   SSLCertificateFile /usr/local/apache/conf/ssl.crt
   SSLCertificateKeyFile /usr/local/apache/conf/ssl.key
   SSLCertificateChainFile /usr/local/apache/conf/sub.class1.server.ca.pem
   CustomLog /usr/local/apache/logs/ssl_request_log \
      "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>


Download the sub.class1.server.ca.pem for the above configuration. Make sure to change the path according to your apache installation. For windows you need to use something like c:\apache\httpd.

If you have a higher validated server certificate you need to use the class2 or class3 intermediate CA certificate.