Pre-requisites:
A system with CentOS Stream 9 installed and running
Access to a terminal or command line
Root or sudo privileges
GoDaddy Domain Validation SSL Certificate
Connect to your remote system using SSH
In the terminal, type the following command
openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
Replace yourdomain with the domain name you’re securing
Enter the requested information
Open the CSR in a text editor and copy all of the text
Paste the full CSR into the SSL enrollment form in your account
Next, prove domain control. Multiple options are provided. I chose adding a TXT record to the DNS
Go to your GoDaddy product page and select ssl certificates and manage. Next, select server type and download zip file under download certificate
On CentOS, the SSL directory should be
To store your certificate
to /etc/pki/tls/certs directory
Save your private keys
to /etc/pki/tls/private directory
Next, find the apache virtual hosts conf file for your domain
Port 443 is the default HTTPS port. Here is an example configuration:
<VirtualHost *:443> ServerName mydomain.com ServerAlias www.mydomain.com DocumentRoot /var/www/domain SSLEngine On SSLCertificateFile /path/to/ssl/cert.crt SSLCertificateKeyFile /path/to/ssl/key.key </VirtualHost>
Run the following command to check your Apache configuration file for errors:
apachectl configtest
You will need to ensure that the Apache mod_ssl module is installed on your system for enabling HTTPS encryption
dnf install mod_ssl
You can verify the SSL certificate on your web server to make sure it is correctly installed
https://www.sslshopper.com/ssl-checker.html
https://www.whynopadlock.com
GoDaddy offers a variety of plans for your needs. Compare GoDaddy SSL plans and pricing
If the HTML code of your page has “http://” links, you may find not secure or mixed content warnings. To fix this you need to replace with “https://” or a relative URL
If there is no padlock, these are the things you can do to fix the problem
Check your HTTPS redirect settings
Rekey your certificate
Reinstall your certificate