This is recorded from CentOS4, httpd-2.0.63

To start, we make sure we have httpd and mod_ssl installed:

# yum install httpd mod_ssl
# cd /etc/httpd/conf
# vi openssl.conf

After we enter your copy of openssl.conf, we'll modify the Makefile - in the section for the target "$(CRT):", append two lines:

        cp $(KEY) $(KEY).orig
        openssl rsa -in $(KEY) -out $(KEY)

Now we can create the CSR:

# rm ssl.key/server.key
# make certreq

Then take the newly created ssl.csr/server.csr and send it to your CA for signing. After you get the signed cert back, put the crt file in ssl.crt/server.crt. If you also get a certificate chain file, also put it in ssl.crt/ca.crt.

Now edit the file /etc/httpd/conf.d/ssl.conf, and make sure the propterties SSLCertificateFile, SSLCertificateKeyFile are enabled and point to the proper file. If you have ssl.crt/ca.crt, then make sure SSLCertificateChainFile is enabled to point to the proper file path.

If you use virtual host, then in each <VirtualHost> section for port 443, make sure you have

    SSLEngine on
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
    SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
    SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt

Then you should be able to start or restart httpd.