Thursday, June 9, 2016

Properly Installing a GoDaddy SSL Certificate on Amazon EC2

This is a very easy process, but be careful at every step; the entire process may take a week.

First Steps for Installing SSL Certificates:

  1. Log in to your GoDaddy.com account, click the drop-down under your name in the top left green nav bar, and click on "My Account".
  2. Then click on the plus sign next to "SSL Certificates", select the certificate you most recently purchased, and click on the orange "Set Up" button on the right. Then select your service in the drop-down that appears and click on the green "Set Up" button.
  3. Next, click on the "Launch" button to open your certificate control panel. Since you are installing the certificate on a third-party server, Amazon, select the third-party server option in the "Hosting Options" dialog and enter your CSR by following the instructions for the CSR in the next section.

Generating a Certificate Signing Request (CSR) - Apache 2.x

  1. Log in to a secure shell. I use PuTTY for this.
  2. Enter the following at the command prompt:
     openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
     Replace yourdomain with the domain name you're securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.
  3. Provide the information the command asks for. You do not have to enter a password if you want to keep the process simple, and you don't have to enter any of the data that is marked as optional.
  4. After answering the questions, type "ls" at the command prompt to list the contents of your directory; you should see the two files you just generated, the key and the CSR. Open the .csr file by typing "sudo vi yourdomain.csr", highlight the entire file, and copy it to your clipboard with Ctrl+C.
  5. Paste the text into your GoDaddy account below where it says "Enter your Certificate Signing Request (CSR) below:".
  6. Check the box to agree to terms of service and click the continue button leaving the other options set to default. Your certificate should be emailed to you.
  7. Next, log back in to your GoDaddy account and click on "request certificate" next to the certificate you just submitted the CSR for.
  8. You do not have to wait for the email, though. To get your certificate, go back to your account main page by clicking on "My Account" in the main nav on GoDaddy.com. Scroll down to "SSL Certificates" again and click "Launch" by your new certificate. If it is not ready yet, wait for your email and try again.
  9. Wait for the email.
***Host name must be your valid email address when filling in the form in PuTTY.
***Leave the additional fields as they are.

Server Configuration for SSL Certificates
The next thing you will have to do, after you have received your certificate files from GoDaddy, is to configure your web server to handle SSL and HTTPS. To do so, first check that you have OpenSSL and mod_ssl installed by creating an info.php file with the following contents:
<?php
phpinfo();
?>
Upload info.php to your server's web root directory, which will be /var/www/html on an Amazon Linux AMI. Then open your info.php file in a web browser by navigating to yourDomain.com/info.php. You can verify that you have OpenSSL by using the find feature of your browser to search for "openssl" and checking that it says enabled after the second instance of openssl you find on that page.
You can verify the existence of mod_ssl by searching info.php for "mod_ssl". If it is there, it is most likely activated. Just make certain it is listed under the loaded modules in your PHP info file.

Installing mod_ssl

Before this, confirm in the EC2 security section of AWS whether you have enabled HTTPS. If you could not find mod_ssl in the previous step, it probably isn't installed. To install mod_ssl, open up a shell and type the following command at the command prompt:
sudo yum install mod_ssl
Type "y" for yes to give permission to install the module.
Now you can confirm that mod_ssl is loaded by checking for its presence in your info.php file from before.

Configure httpd.conf and ssl.conf

Before you start the following steps, go to your command prompt for your web server and make backup copies of your httpd.conf and ssl.conf files using the following commands:
cd /etc/httpd/conf
sudo cp httpd.conf httpd.conf.bkup
cd /etc/httpd/conf.d
sudo cp ssl.conf ssl.conf.bkup
  1. Next, download your files from GoDaddy as described above. Unzip them onto your desktop and upload them to your ec2-user folder on the web server. Your key files should already be there from when you generated the CSR earlier.
  2. If you're using an Amazon Linux basic AMI, you will have a separate ssl.conf file at /etc/httpd/conf.d/ssl.conf and your httpd.conf file will be in the /etc/httpd/conf/ folder. Open /etc/httpd/conf.d/ssl.conf in vi using the command: sudo vi /etc/httpd/conf.d/ssl.conf
  3. Find the following lines and edit them according to the file names you just uploaded and your key file name:
     SSLCertificateFile /home/ec2-user/site.com.crt
     SSLCertificateKeyFile /home/ec2-user/site.key
     SSLCACertificateFile /home/ec2-user/gd_bundle.crt
  4. Replace "site" with the actual file name above, then save the ssl.conf file in the vi editor by typing :wq. If you don't know how to edit in vi, type "i" to insert or delete text, then hit the Esc key to get out of insert mode.
  5. Restart Apache by typing "sudo service httpd restart" at the command prompt and pressing Return. If no errors occurred, you did everything correctly and your SSL certificate will work now. If Apache didn't restart, you most likely have a problem in your config file, so check your error logs or read the error output, fix the problem, and restart until it works. If all else fails, revert to the original backed-up config files and repeat the process until it works.
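
Before the restart in step 5, it helps to confirm that the certificate GoDaddy issued really belongs to the key and CSR generated earlier, and that the unencrypted key is readable only by its owner. The script below is an added example, not part of the original post; the function names are hypothetical, and make_demo_files only builds constructed throwaway files (a self-signed certificate standing in for the GoDaddy one) so the checks can be tried offline.

```shell
#!/usr/bin/env bash
# Added example: pre-restart checks for the files named in ssl.conf.

# SHA-256 of the public key inside a certificate, private key or CSR.
pubkey_fingerprint() {
    local kind="$1" file="$2" pub
    case "$kind" in
        cert) pub=$(openssl x509 -in "$file" -noout -pubkey 2>/dev/null) || return 1 ;;
        key)  pub=$(openssl pkey -in "$file" -pubout 2>/dev/null) || return 1 ;;
        csr)  pub=$(openssl req -in "$file" -noout -pubkey 2>/dev/null) || return 1 ;;
        *)    return 2 ;;
    esac
    [ -n "$pub" ] || return 1
    printf '%s\n' "$pub" | openssl sha256 | awk '{print $NF}'
}

# Returns 0 and prints "ok" only if the certificate, key and CSR share one
# key pair, the key is owner-only, and the certificate has not expired.
check_tls_files() {
    local cert="$1" key="$2" csr="$3" cert_fp key_fp csr_fp mode
    cert_fp=$(pubkey_fingerprint cert "$cert") || { echo "cannot read certificate"; return 1; }
    key_fp=$(pubkey_fingerprint key "$key") || { echo "cannot read private key"; return 1; }
    csr_fp=$(pubkey_fingerprint csr "$csr") || { echo "cannot read CSR"; return 1; }
    [ "$cert_fp" = "$key_fp" ] || { echo "certificate does not match key"; return 2; }
    [ "$csr_fp" = "$key_fp" ] || { echo "CSR does not match key"; return 2; }
    # The key was generated with -nodes (unencrypted), so its file mode is its only protection.
    mode=$(stat -c '%a' "$key")   # GNU stat, as on Amazon Linux
    case "$mode" in
        600|400) ;;
        *) echo "key mode is $mode, expected 600 or 400"; return 3 ;;
    esac
    openssl x509 -in "$cert" -noout -checkend 0 >/dev/null || { echo "certificate expired"; return 4; }
    echo "ok"
}

# Constructed sample input: a throwaway key, CSR, self-signed certificate and
# an unrelated key, written to directory $1 (stands in for the GoDaddy files).
make_demo_files() {
    local d="$1"
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=coolexample.com" \
        -keyout "$d/coolexample.key" -out "$d/coolexample.csr" 2>/dev/null
    openssl x509 -req -in "$d/coolexample.csr" -signkey "$d/coolexample.key" \
        -days 1 -out "$d/coolexample.crt" 2>/dev/null
    openssl genrsa -out "$d/other.key" 2048 2>/dev/null
    chmod 600 "$d/coolexample.key" "$d/other.key"
}
```

On the server, call check_tls_files with the certificate, key and CSR paths you used above; a return code of 2 means the files come from different key pairs, which is the usual reason Apache refuses to start after the ssl.conf edit.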

Dharamart.blogspot.in