Apache and CA OpenSSL
In relation to one of my recent projects, I finally bit the bullet and acquired an SSL certificate from a proper CA. Deciding to keep the costs to a minimum, but without sacrificing what I need, I went for Comodo PositiveSSL Wildcard. Since their documentation was outdated and invalid, I'm gonna note the actual steps for installing it.
Generate A 2048-Bit Key (Add -des3 If You Want Password Protection)
# openssl genrsa -out thronic.com.key 2048
Generate a CSR (Certificate Signing Request) To The CA
# openssl req -new -key thronic.com.key -out thronic.com.csr
Go through the activation process on the CA website and retrieve the CA files. Namecheap.com in my case.
Create The ca-bundle From The Extra Files (File-Order Is Important)
# cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > thronic.ca-bundle
Move Files To A Secure Location, Secure The Key
# mkdir /somewhere/SSL
# cp thronic.ca-bundle /somewhere/SSL/
# cp thronic.com.key /somewhere/SSL/
# cp STAR_thronic_com.crt /somewhere/SSL/
# chmod 640 /somewhere/SSL/thronic.com.key
Activate SSL Module
# a2enmod ssl
Create SSL VirtualHost
# cp /etc/apache2/sites-enabled/thronic.com /etc/apache2/sites-available/thronic.com.ssl
Change it to wrap
<IfModule mod_ssl.c> </IfModule>
around the <VirtualHost *:443> directive (changed to SSL port).
Adapt New Virtualhost With Correct SSL Paths
SSLEngine on
SSLCertificateFile /somewhere/SSL/STAR_thronic_com.crt
SSLCertificateKeyFile /somewhere/SSL/thronic.com.key
SSLCertificateChainFile /somewhere/SSL/thronic.ca-bundle
Set NameVirtualHost in /etc/apache2/ports.conf
<IfModule mod_ssl.c>
NameVirtualHost *:443
Listen 443
</IfModule>
Now the website is hosted on both HTTP and HTTPS, in their respective virtualhost files that are individually managed.
Reload Apache2
# service apache2 reload
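Two things in the steps above are easy to get wrong: pairing the key with the wrong certificate, and concatenating the ca-bundle in the wrong order. The script below is an added example, not part of the original post. It defines one check for each and builds a constructed demo chain to try them on; the function names, file names and subjects are assumptions made for the demo.

```shell
#!/bin/sh
# Added example: checks to run on the key, certificate and ca-bundle before
# reloading Apache. File names and subjects in the demo are constructed.

# Succeeds if the private key and the certificate hold the same public key.
key_matches_cert() {   # $1 = private key, $2 = certificate
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# Succeeds if the bundle is ordered leaf-issuer first: each certificate's
# issuer name must be the subject name of the certificate that follows it.
# Compares names only; it does not verify signatures.
chain_order_ok() {     # $1 = server certificate, $2 = ca-bundle
    tmp=$(mktemp -d) || return 1
    awk -v d="$tmp" '/BEGIN CERTIFICATE/ {n++} n {print > (d "/" n ".pem")}' "$2"
    want=$(openssl x509 -in "$1" -noout -issuer_hash 2>/dev/null)
    i=1; rc=0
    [ -n "$want" ] && [ -f "$tmp/1.pem" ] || rc=1
    while [ "$rc" -eq 0 ] && [ -f "$tmp/$i.pem" ]; do
        have=$(openssl x509 -in "$tmp/$i.pem" -noout -subject_hash 2>/dev/null)
        [ "$have" = "$want" ] || rc=1
        want=$(openssl x509 -in "$tmp/$i.pem" -noout -issuer_hash 2>/dev/null)
        i=$((i + 1))
    done
    rm -rf "$tmp"
    return "$rc"
}

# Builds a constructed root -> intermediate -> server chain in directory $1,
# plus one correctly ordered and one reversed ca-bundle.
make_demo_chain() {
    ( cd "$1" &&
      openssl req -x509 -newkey rsa:2048 -nodes -keyout root.key -out root.crt \
          -subj "/CN=Demo Root" -days 1 2>/dev/null &&
      openssl req -newkey rsa:2048 -nodes -keyout inter.key -out inter.csr \
          -subj "/CN=Demo Intermediate" 2>/dev/null &&
      openssl x509 -req -in inter.csr -CA root.crt -CAkey root.key \
          -CAcreateserial -out inter.crt -days 1 2>/dev/null &&
      openssl genrsa -out server.key 2048 2>/dev/null &&
      openssl req -new -key server.key -out server.csr \
          -subj "/CN=*.example.test" 2>/dev/null &&
      openssl x509 -req -in server.csr -CA inter.crt -CAkey inter.key \
          -CAcreateserial -out server.crt -days 1 2>/dev/null &&
      cat inter.crt root.crt > good.ca-bundle &&
      cat root.crt inter.crt > bad.ca-bundle )
}
```

Against the real files, source the script and call key_matches_cert /somewhere/SSL/thronic.com.key /somewhere/SSL/STAR_thronic_com.crt and chain_order_ok /somewhere/SSL/STAR_thronic_com.crt /somewhere/SSL/thronic.ca-bundle; a non-zero exit status means the files should be fixed before the reload.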