Home / Installing mod_ssl on Apache on CentOS 5

Installing mod_ssl on Apache on CentOS 5

I was moving a customer’s website from its old dedicated web server to a shiny new one, installing CentOS 5 on it with Apache 2.2 (known simply as "httpd" on RedHat Enterprise Linux and therefore CentOS, which is derived from RHEL) and MySQL 5.0. They already had a secure certificate running on the old site, so I copied the certificate files over and the secure server settings into the appropriate configuration file.

"Invalid command ‘SSLEngine’" Error

I then ran the command

sudo service httpd reload

to reload Apache and take in the new configuration settings but instead of it being reloaded I got this error message instead:

Syntax error on line 35 of /etc/httpd/vhosts.d/plates.conf:
Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration 

Checking to see if mod_ssl was installed

I had forgotten to install mod_ssl as part of Apache. I then ran the command:

yum search mod_ssl

which revealed:

$ yum search mod_ssl
Loading "installonlyn" plugin
Setting up repositories
Reading repository metadata in from local files

mod_ssl.x86_64                           1:2.2.3-6.el5.centos.1 base
Matched from:
mod_ssl
The mod_ssl module provides strong cryptography for the Apache Web
server via the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols.

mod_ssl.x86_64                           1:2.2.3-7.el5.centos   updates
Matched from:
mod_ssl
The mod_ssl module provides strong cryptography for the Apache Web
server via the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols.

Install mod_ssl and restart Apache

So all I needed to do was:

sudo yum install mod_ssl 

This automatically configured Apache to use SSL when it was restarted, by adding the file /etc/httpd/conf.d/ssl.conf which contains the necessary stuff to enable SSL. I restarted Apache with the following command and was good to go:

sudo service httpd restart

Update: I discovered that there were errors and it wasn’t actually using the valid secure certificate. Read more details about this in the Default virtualhost’s secure certificate used with mod_ssl post.