Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Apache webserver.

  1. Obtain a certificate from a trusted CA. For Let's Encrypt:

    sudo apt install certbot python3-certbot-apache
sudo certbot --apache -d yourdomain.com

  2. In the Apache SSL VirtualHost, configure:

    SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/yourdomain.com/chain.pem

  3. Reload Apache:

    sudo systemctl reload apache2
Back to top