Want https to work for your website? Here are the steps to create an SSL certificate to use with Apache.
Generate private key
$ openssl genrsa -out ca.key 2048
$ openssl req -new -key ca.key -out ca.csr
With your CSR, you can send to a third-party to sign or self-sign. Self-signed certificates will produce warnings in browsers, so you may want to consider having a Certificate Authority sign your certificate.
Generate Self-Signed Key
$ openssl x509 -req -days 1095 -in ca.csr -signkey ca.key -out ca.crt
Move keys to where Apache will use them. This is the CentOS structure:
$ mv ca.crt /etc/pki/tls/certs/ca.crt
$ mv ca.key /etc/pki/tls/private/ca.key
$ mv ca.csr /etc/pki/tls/private/ca.csr
Secure these files with chown root and chmod 600. Permissions can be restrictive since Apache will read these in as root when starting.
Assuming you already have Apache set up for Virtual Hosts, you might have a config like this in your /etc/httpd/conf/httpd.conf:
ServerAlias example.com *.example.com
CustomLog logs/example.com-access_log common
Or better yet, for ease of maintenance, extract each Virtual host into its own config file (for example, /etc/httpd/conf/vhosts/example.com.conf). Next, add an include in your httpd.conf:
Now restart Apache
$ apachectl restart
Related link: Redirect http to https with Apache mod_rewrite