How to Install a Wildcard SSL Certificate on an Apache Web Server

Posted on by
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

A wildcard SSL certificate is a powerful tool for securing a primary domain and all its subdomains under a single certificate.

Whether you’re running multiple services like blog.example.com, shop.example.com, or mail.example.com, a wildcard SSL simplifies management and enhances trust.

This article provides a step-by-step guide to installing a wildcard SSL certificate on an Apache server.

How to Install Wildcard SSL on Apache

Step 1: Prepare Certificate Files

Before starting the installation, make sure you have the necessary certificate files ready:
A valid wildcard SSL certificate (e.g., *.example.com) issued by a Certificate Authority.

  • The associated private key (generated during the CSR process).
  • A CA bundle or intermediate certificate file from your SSL provider.

If you don’t yet have your certificate, you can buy your wildcard SSL certificate right here at CheapSSLsecurity.com.
Once obtained, upload all three files to a secure location on your server. For example:

/etc/ssl/certs/your_domain.crt # Wildcard certificate
/etc/ssl/private/your_domain.key # Private key
/etc/ssl/certs/ca_bundle.crt # CA bundle

Make sure the private key is properly protected using strict permissions:

chmod 600 /etc/ssl/private/your_domain.key

Step 2: Configure Apache Virtual Host

Next, update your Apache virtual host configuration to enable SSL. This is usually done in a file within /etc/httpd/conf.d/ (CentOS/RHEL) or /etc/apache2/sites-available/ (Debian/Ubuntu). 
Here is a sample configuration block:

<VirtualHost *:443>
ServerName example.com
ServerAlias *.example.com

DocumentRoot /var/www/html

SSLEngine on
SSLCertificateFile /etc/ssl/certs/your_domain.crt
SSLCertificateKeyFile /etc/ssl/private/your_domain.key
SSLCertificateChainFile /etc/ssl/certs/ca_bundle.crt


AllowOverride All

</VirtualHost>

Make sure the Apache SSL module is enabled, as it handles the HTTPS traffic. Without it, the web server won’t understand SSL directives. On Debian-based systems, you can activate it using:

sudo a2enmod ssl

And then enable the site:

sudo a2ensite your-ssl-site.conf

Step 3: Restart Apache

After updating the configuration, reload or restart Apache to apply the changes:

sudo systemctl restart apache2 # Debian/Ubuntu
sudo systemctl restart httpd # CentOS/RHEL

If everything is configured correctly, Apache will start without errors, and your site will be accessible over HTTPS.

Step 4: Verify SSL Installation

To confirm that your wildcard SSL certificate is correctly installed and functioning as expected:

  • Open your browser and visit https://example.com and https://sub.example.com.
  • Use online tools like SSL Checker to inspect your SSL setup. 

Installing a wildcard SSL on Apache is a straightforward process, but each step is crucial to ensure the security of your domain and subdomains. Failing to configure certificate paths or missing a chain file correctly can lead to browser warnings, trust issues, and a broken user experience. It’s important to regularly review your SSL configuration and renew your certificate before it expires to maintain uninterrupted protection.

Related posts:

  1. How to Install a Wildcard SSL Certificate on IIS 7 and IIS 8
  2. How to Install a Wildcard SSL certificate on NGINX
  3. How to Install a BlueHost SSL Certificate
  4. How to Enable HTTP2 on Apache
  5. How to Install an SSL Certificate in HostGator
  6. How to Install an SSL Certificate in Your WordPress Site That’s Hosted on SiteGround Quickly
  7. How to Redirect HTTP to HTTPS in .htaccess for a WordPress Website
  8. How to Install an SSL Certificate in WordPress Site Hosted on BlueHost