Hello all I have an Apache webserver and I want to enable it to serve contents over https. In order to understand the entire workflow of certificate management and how https works I have created my own CA. Essentially I have generated a self signed certificate for my CA and installed in my browser as a truested CA. Next I have generated a certificate for the server and signed it with the private key of the CA.
Now I am ready to install the server certificate on the machine where Apache runs. Here is my question: Where will the certificate be placed in the filesystem? Is there any recomended location? The information I can find on the internet about this issue is not convincing. Let me explain why: - some people mention /etc/ssl/certs as the appropriate location Isn't this folder used for Trusted CAs instead of server certificates? Another objection about this location: isn't this location managed by update-ca-certificates? - some pages tell you to create a folder "localcerts" under /etc/ssl/ Why create it here? The entire /etc/ssl/ is managed by the os sofware. Why should I interfere with the OS software? - other pages do not specify any prefered location (e.g. the Apache documentation) - other pages say to no store the certificate inside the Apache configuration folder /etc/apache2 because the certificate is not something which is related to Apache. This advice seems right, because some day I can replace Apache with another server. But where to place it? Thank you Cristian