✅ Langkah-Langkah Ganti SSL di Apache (Ubuntu)
1. Upload Sertifikat Baru ke Server
Misalnya kamu punya file:
your_domain.crt– Sertifikat SSL utamayour_domain.key– Private keyca_bundle.crt– Sertifikat intermediate (jika ada)
Letakkan di:
/etc/ssl/certs/your_domain.crt
/etc/ssl/certs/ca_bundle.crt
/etc/ssl/private/your_domain.key
Pastikan private key-nya hanya bisa dibaca root:
sudo chmod 600 /etc/ssl/private/your_domain.key
2. Edit File Virtual Host SSL
Biasanya ada di:
/etc/apache2/sites-available/your_domain-le-ssl.conf
atau bisa juga di:
/etc/apache2/sites-available/default-ssl.conf
Jalankan:
sudo nano /etc/apache2/sites-available/your_domain-le-ssl.conf
Lalu pastikan isinya seperti ini:
<VirtualHost *:443>
ServerAdmin admin@your_domain.com
ServerName your_domain.com
ServerAlias www.your_domain.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/ssl/certs/your_domain.crt
SSLCertificateKeyFile /etc/ssl/private/your_domain.key
SSLCertificateChainFile /etc/ssl/certs/ca_bundle.crt
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
3. Aktifkan SSL dan Virtual Host
Aktifkan modul SSL dan file konfigurasi jika belum:
sudo a2enmod ssl
sudo a2ensite your_domain-le-ssl.conf
Lalu cek konfigurasi:
sudo apache2ctl configtest
Jika muncul Syntax OK, jalankan:
sudo systemctl reload apache2
4. Cek Apakah SSL Sudah Aktif
Kunjungi situsmu dengan https://your_domain.com. Atau test via terminal:
openssl s_client -connect your_domain.com:443
⚠️ Troubleshooting
- “Invalid certificate” → Cek apakah
SSLCertificateChainFilesudah ditambahkan. - “Permission denied” → Pastikan file
.keyhanya bisa dibaca root (chmod 600). - SSL tidak berubah → Coba clear browser cache dan juga restart apache dengan
systemctl restart apache2.
Semoga Bermanfaat.
Salam, Erwan Setyo Budi.
