Install the service
```
yum -y install httpd 
```
Enable the Service
```
systemctl enable httpd
```

Create SSL Certificates

######################
# CENTOS
# Generate Test Certificate
# Generate Key
openssl genrsa -des3 -out /etc/pki/tls/private/pcr360_test.key 4096  
# Remove the passcode from the key. This prevents needing to enter the passcode every time Apache is restarted
openssl rsa -in /etc/pki/tls/private/pcr360_test.key -out /etc/pki/tls/private/pcr360_test.key
# Generate Certificate Signing Request
openssl req -new -sha256 -key /etc/pki/tls/private/pcr360_test.key -out pcr360_test.csr
# Generate Certificate 
# This is only needed if setting up a self-signed certificate
# In most cases, the CSR needs to go to the customer to get the signed certificate
openssl x509 -sha256 -req -days 365 -in pcr360_test.csr -signkey  /etc/pki/tls/private/pcr360_test.key -out /etc/pki/tls/certs/pcr360_test.crt

# Generate Production Certificate
# Generate Key
openssl genrsa -des3 -out /etc/pki/tls/private/pcr360_prod.key 4096  
# Remove the passcode from the key. This prevents needing to enter the passcode every time Apache is restarted
openssl rsa -in /etc/pki/tls/private/pcr360_prod.key -out /etc/pki/tls/private/pcr360_prod.key
# Generate Certificate Signing Request
openssl req -new -sha256 -key /etc/pki/tls/private/pcr360_prod.key -out pcr360_prod.csr
# Generate Certificate 
# This is only needed if setting up a self-signed certificate
# In most cases, the CSR needs to go to the customer to get the signed certificate
openssl x509 -sha256 -req -days 365 -in pcr360_prod.csr -signkey  /etc/pki/tls/private/pcr360_prod.key -out /etc/pki/tls/certs/pcr360_prod.crt

######################
# UBUNTU
# Generate Test Certificate
# Generate Key
openssl genrsa -des3 -out /etc/ssl/private/pcr360_test.key 4096  
# Remove the passcode from the key. This prevents needing to enter the passcode every time Apache is restarted
openssl rsa -in /etc/ssl/private/pcr360_test.key -out /etc/ssl/private/pcr360_test.key 
# Generate Certificate Signing Request
openssl req -new -sha256 -key /etc/ssl/private/pcr360_test.key -out pcr360_test.csr
# Generate Certificate 
# This is only needed if setting up a self-signed certificate
# In most cases, the CSR needs to go to the customer to get the signed certificate
openssl x509 -sha256 -req -days 365 -in pcr360_test.csr -signkey  /etc/ssl/private/pcr360_test.key -out /etc/ssl/certs/pcr360_test.crt

# Generate Production Certificate
# Generate Key
openssl genrsa -des3 -out /etc/ssl/private/pcr360_prod.key 4096 
# Remove the passcode from the key. This prevents needing to enter the passcode every time Apache is restarted
openssl rsa -in /etc/ssl/private/pcr360_prod.key -out /etc/ssl/private/pcr360_prod.key
# Generate Certificate Signing Request (CSR)
openssl req -new -sha256 -key /etc/ssl/private/pcr360_prod.key -out pcr360_prod.csr
# Generate Certificate 
# This is only needed if setting up a self-signed certificate
# In most cases, the CSR needs to go to the customer to get the signed certificate
openssl x509 -sha256 -req -days 365 -in pcr360_prod.csr -signkey  /etc/ssl/private/pcr360_prod.key -out /etc/ssl/certs/pcr360_prod.crt

Install SSL Mod

 yum -y install mod_ssl mod_headers mod_http2

Restart Apache
```
systemctl restart httpd
```

Browser not supported