Wednesday, April 20, 2016

Installing SSL certificate on Apache

Edit your vhost file, located at /apache2/conf/extra/httpd-vhosts.conf if you're using Bitnami stacks.

Add the following secure vhost block to enable SSL on your site:

<VirtualHost *:443>
    DocumentRoot "/opt/lampstack-5.5.31-0/apache2/htdocs/yoursite/public"
    ServerName yoursite.com:443
    # ServerAlias takes host names only; a port here stops the alias from matching
    ServerAlias www.yoursite.com
    <Directory "/opt/lampstack-5.5.31-0/apache2/htdocs/yoursite/public">
        DirectoryIndex index.php
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    SSLEngine on
    SSLCertificateFile /opt/lampstack-5.5.31-0/apache2/conf/yoursite.crt
    SSLCertificateKeyFile /opt/lampstack-5.5.31-0/apache2/conf/yoursite.key
</VirtualHost>


If you would like to know how the private key and CSR file can be generated, go to the following link:

http://laraveldevelopmentonwindows.blogspot.com/2016/04/adding-ssl-to-laravel-site-running-on.html

Installing the intermediate file
Some browsers may report that your SSL certificate is not secure, and you might need to install the intermediate chain file to remove that error.

https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO6252

https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=INFO1548

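Go to the above links to copy the intermediate certificate contents.
On your server, create a new file named yoursite_intermediate.crt and paste the contents into it.
Below the SSLCertificateKeyFile line in your virtual host settings, add the following line:

SSLCertificateChainFile /opt/lampstack-5.5.31-0/apache2/conf/yoursite_intermediate.crt
If SSLCertificateChainFile does not work on your server, use SSLCertificateFile instead. SSLCertificateChainFile is deprecated as of Apache 2.4.8, where SSLCertificateFile also loads intermediate certificates placed after the site certificate in the same file.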

Restart apache server
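
Before the restart, it helps to confirm that the key matches the certificate and that the intermediate file really completes the chain, since a missing intermediate is what produces the browser error described above. The script below is an added example, not part of the original post: it builds a throwaway root, intermediate and site certificate (all names constructed) and runs both checks with openssl.

```shell
#!/bin/sh
# Added example: every file and name below is constructed for the demo.

# True when the private key ($1) belongs to the certificate ($2), i.e. the
# SSLCertificateKeyFile / SSLCertificateFile pair is consistent.
key_matches_cert() {
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) &&
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) &&
    [ "$k" = "$c" ]
}

# True when the site certificate ($3) chains to the root ($1) using only the
# intermediates found in the chain file ($2).
chain_ok() {
    openssl verify -CAfile "$1" -untrusted "$2" "$3" >/dev/null 2>&1
}

# Build a throwaway root -> intermediate -> site hierarchy in directory $1.
make_demo_pki() {
    d=$1
    printf 'basicConstraints=critical,CA:TRUE\n' > "$d/ca.ext"
    for n in root intermediate yoursite other; do
        openssl req -new -newkey rsa:2048 -nodes -subj "/CN=demo $n" \
            -keyout "$d/$n.key" -out "$d/$n.csr" 2>/dev/null || return 1
    done
    openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 2 \
        -extfile "$d/ca.ext" -out "$d/root.crt" 2>/dev/null &&
    openssl x509 -req -in "$d/intermediate.csr" -days 2 -extfile "$d/ca.ext" \
        -CA "$d/root.crt" -CAkey "$d/root.key" -CAcreateserial \
        -out "$d/yoursite_intermediate.crt" 2>/dev/null &&
    openssl x509 -req -in "$d/yoursite.csr" -days 2 \
        -CA "$d/yoursite_intermediate.crt" -CAkey "$d/intermediate.key" \
        -CAcreateserial -out "$d/yoursite.crt" 2>/dev/null
}

# Demo: the same checks you would run on the real files before a restart.
demo=$(mktemp -d) && make_demo_pki "$demo" || exit 1
key_matches_cert "$demo/yoursite.key" "$demo/yoursite.crt" && echo "key matches"
chain_ok "$demo/root.crt" "$demo/yoursite_intermediate.crt" "$demo/yoursite.crt" \
    && echo "chain complete"
chain_ok "$demo/root.crt" "$demo/root.crt" "$demo/yoursite.crt" \
    || echo "without the intermediate: chain broken"
rm -rf "$demo"
```

On the real server, pass the paths from the vhost to key_matches_cert, and give chain_ok the CA's root certificate as its first argument.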





Thursday, April 14, 2016

Adding SSL to laravel site running on apache server

To activate an SSL certificate you need to submit a CSR (Certificate Signing Request) on the SSL provider's site. A CSR is a block of code with encrypted information about your company and domain name. By default, the openssl CSR configuration asks for the following details:
  • Common Name (the domain name certificate should be issued for)
  • Country
  • State (or province)
  • Locality (or city)
  • Organization
  • Organizational Unit (Department)
  • E-mail address
It’s usually openssl that is used for CSR generation on Apache or Nginx web servers. It’s included by default in web servers’ properties. So if you have a web server installed, you will hardly need to install openssl additionally.
To generate a CSR run the command below in terminal:
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
We recommend you replace ‘server’ with the domain name the certificate will be issued for to avoid further confusion.
The command starts the process of CSR and Private Key generation. The Private Key will be required for certificate installation.
You will be prompted to fill in the information about your Company and domain name.

Country Name (2 letter code) [AU]:SG
State or Province Name (full name) [Some-State]:PlayRivals
Locality Name (eg, city) []:Singapore
Organization Name (eg, company) [Internet Widgits Pty Ltd]:JoyDash Pte Ltd
Organizational Unit Name (eg, section) []:NA
Common Name (e.g. server FQDN or YOUR name) []:*.playrivals.com
Email Address []:admin@joydash.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:your_password
An optional company name []:JoyDash

It is strongly recommended to fill in all the required fields. If a field is left blank, the CSR can be rejected during activation. For certificates with domain validation it is not mandatory to specify “Organization” and “Organization Unit”; you may fill these fields with ‘NA’ instead. In the Common Name field you need to enter the domain name the certificate should be issued for.
Please use only English alphanumeric characters. Otherwise the CSR can be rejected by a Certificate Authority.
If the certificate should be issued for a specific subdomain, you need to specify the subdomain in ‘Common Name’. For example ‘sub1.ssl-certificate-host.com’.
In the case of Wildcard certificates, the domain name should start with an asterisk, as in ‘*.ssl-certificate-host.com’.
GeoTrust Domain Validated certificates (QuickSSL Premium, RapidSSL) work for a main domain name with and without www only if the certificate is issued for the domain name with www (www.ssl-certificate-host.com).
Once all the requested information is filled in, you should have *.csr and *.key files in the folder where the command has been run.
The *.csr file contains the CSR code that you need to submit during certificate activation. It can be opened with a text editor. Usually it looks like a block of code with a header: “-----BEGIN CERTIFICATE REQUEST-----”. It is recommended to submit the CSR with the header and footer.
The *.key file is the Private Key, which will be used for decryption during SSL/TLS session establishment between a server and a client. It has a header like this: “-----BEGIN RSA PRIVATE KEY-----”. Please make sure that the private key is saved, as it will be impossible to install the certificate on the server without it afterwards.
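
The same request can be generated without prompts and checked before it is submitted. This added example (not from the original post; the domain www.example.test and the subject values are constructed) creates the key owner-only, confirms the CSR belongs to the key, and shows that a challenge password typed at the prompt is stored readable inside the CSR.

```shell
#!/bin/sh
# Added example: the domain, subject values and password are constructed.

# Generate a key and CSR without prompts.
# $1 = domain, $2 = output directory, $3 = optional challenge password.
make_csr() {
    cnf="$2/$1.cnf"
    {
        printf '%s\n' '[req]' 'prompt = no' 'distinguished_name = dn'
        if [ -n "$3" ]; then
            printf '%s\n' 'attributes = at' '[at]' "challengePassword = $3"
        fi
        printf '%s\n' '[dn]' 'C = SG' 'ST = Singapore' 'L = Singapore' \
            'O = NA' 'OU = NA' "CN = $1"
    } > "$cnf"
    ( umask 077   # -nodes leaves the key unencrypted: keep it owner-only
      openssl req -new -newkey rsa:2048 -nodes -config "$cnf" \
          -keyout "$2/$1.key" -out "$2/$1.csr" 2>/dev/null )
}

# Common Name the CA will read (CN is the last subject field here).
csr_cn() { openssl req -in "$1" -noout -subject | sed 's/.*CN *= *//'; }

# True when the CSR ($1) is correctly self-signed and built from key ($2).
csr_matches_key() {
    openssl req -in "$1" -noout -verify 2>&1 | grep -q 'verify OK' &&
    p=$(openssl req -in "$1" -noout -pubkey 2>/dev/null) &&
    k=$(openssl pkey -in "$2" -pubout 2>/dev/null) && [ "$p" = "$k" ]
}

# Print the challenge password if the CSR carries one; it is not encrypted.
csr_challenge() {
    openssl req -in "$1" -noout -text |
        sed -n 's/.*challengePassword *: *//p'
}

# Permission string of a file, e.g. -rw------- for an owner-only key.
file_mode() { ls -l "$1" | cut -c1-10; }

# Demo in a scratch directory.
demo=$(mktemp -d) && make_csr www.example.test "$demo" your_password || exit 1
echo "CN: $(csr_cn "$demo/www.example.test.csr")"
echo "key mode: $(file_mode "$demo/www.example.test.key")"
echo "challenge password in CSR: $(csr_challenge "$demo/www.example.test.csr")"
rm -rf "$demo"
```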