SSL Certificate Symlinks
Using Commercial Certificates? Have multiple vhosts that use the same SSL certificate? Using a wildcard SSL Certificate?
Symlinking your SSL Certificate files might make your life easier.
Create your SSL Certificate files in the appropriate location. On the Redhat family of Linuxes
/etc/pki/tls/certs
for certificate files/etc/pki/tls/private
for private keys
Using a wildcard certificate for example.com, you might have these files:
/etc/pki/tls/certs/2021-03-25-wildcard.example.com.crt
/etc/pki/tls/certs/2021-03-25-wildcard.example.com.ca.crt
/etc/pki/tls/private/2021-03-25-wildcard.example.com.key
Create symlinks like these, and you can replace the symlinks every year when you get a new cert.
# ln -s /etc/pki/tls/certs/2021-03-25-wildcard.example.com.crt /etc/pki/tls/certs/wildcard.example.com.crt
# ln -s /etc/pki/tls/certs/2021-03-25-wildcard.example.com.ca.crt /etc/pki/tls/certs/wildcard.example.com.ca.crt
# ln -s /etc/pki/tls/private/2021-03-25-wildcard.example.com.key /etc/pki/tls/private/wildcard.example.com.key
In your Apache config, then you can use
SSLCertificateFile /etc/pki/tls/certs/wildcard.example.com.crt
SSLCACertificateFile /etc/pki/tls/certs/wildcard.example.com.ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/wildcard.example.com.key
To remove the symlinks:
# rm /etc/pki/tls/certs/wildcard.example.com.crt
# rm /etc/pki/tls/certs/wildcard.example.com.ca.crt
# rm /etc/pki/tls/private/wildcard.example.com.key
Then re-create them as shown above, with the new filenames.