Renewal of an SSL

Apache Configuration

Here is the apache conf where we set up where the SSL cert is to be stored.


SSLCertificateFile /etc/apache2/certs/

SSLCertificateKeyFile /etc/apache2/certs/

SSLCACertificateFile /etc/apache2/certs/ca.crt

Certificate Files required

The three files need to be updated.

SSLCertificate - is the certificate for the domain and starts with:


SSLCertificateKey - is the private key used to generate the certificate and start with:

-- -- -BEGIN PRIVATE KEY-- -- -

SSLCACertificate - The ca.crt is a certificate for the SSL provider and may remain the same

if the same SSL provider is used, though always check this.

Current 2016 to 2019 Wilcard SSL Cert

The current wildcard multi domain certificate is held at..

The SSL was order from

Note - Attempting to install this Certificate on the website (front facing

website) caused a key mismatch error and failed to load - I do not know if wildcard makes

any difference, but it looked like we may have the wrong private key stored for this


Note - this is an Essentials SSL - the cheapest - but looking on the website, it does not

claim to support mobile and so we may have issues in the future. We should have bought

an Essentials Certificate that does have the mobile support.

Current 2017 to 2018 SSL Cert

Since the wildcard cert did not install; then I ordered a new one just for the front facing

website that installed no problems

The process of ordering a cert requires a request file and private key to be generated.

These files are both held in the DevOps/SSL/ folder