...
/etc/apache/ssl though I notice there is consideration for protecting the private key.
Storing Public
...
Store the public key in the public folder,
...
| Note |
|---|
The above chown root:root command ensure the signed public key is protected. Also, if you are using a user other than root to start Apache, then adjust the file ownership to that user. |
Storing Private Keys
Ubuntu has a pre-configured location for private keys, /etc/ssl/private.
Notice the permissions on the /etc/ssl/private folder is 710 and owned by root and the group ssl-cert,
...