First you should create .key file like below. This key file is private therefore don’t share with anyone.
$ openssl genrsa -des3 -out /<your ssl folder>/private.key 2048
Then you have to create .csr file to get certificate file using your key file. It will ask you some questions.
$ openssl req -new -key /<your ssl folder>/private.key -out /<your ssl folder>/ssl.csr
Then upload csr file to certificate authority web page. You will get certificate and chain bundle files.
Add SSL certificate definations to the site config file in apache web server.
<VirtualHost *:443> ... ... SSLEngine on SSLCertificateFile /<your ssl folder>/certificate.crt SSLCertificateKeyFile /<your ssl folder>/private.key SSLCACertificateFile /<your ssl folder>/chain_bundle.pem ... ... </VirtualHost>
If you get SSL sertificate from Comodo SSL. You have to create your chain bundle file like below.
$ cat AAACertificateServices.crt USERTrustRSAAAACA.crt SectigoRSADomainValidationSecureServerCA.crt > /<your ssl folder>/chain_bundle.pem