SSL installation on Apache, and why SSL compression is A SECURITY HOLE
Some examples of how to install the certificates on Apache (note that httpd does not accept trailing comments on a directive line, so the comment has to sit on its own line):
# the CA chain file
SSLCertificateChainFile /home/dsorescu/private/html/ssl/sorescu.eu.pem
SSLCertificateFile /home/dsorescu/private/html/ssl/sorescu.eu.crt
SSLCertificateKeyFile /home/dsorescu/private/html/ssl/sorescu.eu.key
Most people will also be tempted to enable SSL compression as follows:
SSLCompression on
Using compressed SSL opens a security hole that is very easy to understand and to exploit; the explanation is as follows (all entities mentioned below are fictional and meant to ease the understanding of the method):
  1. your internet operator (or the IT department at your work) can listen to your compressed SSL requests (obviously they cannot decrypt them);
  2. the operator modifies your HTTP (non-secure) pages to include a small invisible image, as follows: <img src='https://dragos-matei.sorescu.eu/scrambled-image-name-freaky-url.png'/>;
  3. the network operator measures the length of the browser request (the request contains the cookies and the fake image URL, compressed and then encrypted);
  4. the network operator knows that once the URL contains keywords that repeat elsewhere in the request (including passwords), the compressed SSL request will be shorter.
For this to succeed, the operator (or your employer) needs to know a bit about which cookies the target site uses (this is not protected), and they have to make your browser issue lots of requests based on various candidate passwords.
A way to speed up detection is to give up brute force and use orthogonal and white-noise techniques, which allow the attacker to send a few very long requests with random content and see which of the requests is "closer" to your cookie values.
This works on the principle that the size of the compressed text decreases with the similarity of its components.
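The following Python script is an added illustration of that principle, not code from the original article. It builds a constructed HTTP request with a made-up session cookie, compresses it with zlib (the same DEFLATE algorithm TLS compression used), and shows two things: with compression, a request whose URL shares bytes with the cookie comes out shorter on the wire, while without compression (SSLCompression off) the length does not depend on the content at all, which is exactly why disabling compression closes the channel. The hostname, cookie value and paths are all constructed sample values.

```python
import zlib

# Constructed sample: the session cookie the browser attaches to every request.
SECRET_COOKIE = "sessionid=7f3a9c2e1b"


def build_request(injected_path: str) -> bytes:
    """Plaintext request the browser would send for an injected image URL.
    The browser appends the secret cookie itself; the attacker only picks the path."""
    return (
        f"GET {injected_path} HTTP/1.1\r\n"
        f"Host: example.test\r\n"  # constructed hostname
        f"Cookie: {SECRET_COOKIE}\r\n\r\n"
    ).encode()


def compressed_length(injected_path: str) -> int:
    """Bytes on the wire when the TLS layer compresses before encrypting
    (SSLCompression on): repeated byte sequences collapse into back-references."""
    return len(zlib.compress(build_request(injected_path), 9))


def plain_length(injected_path: str) -> int:
    """Bytes on the wire with SSLCompression off: the ciphertext length tracks the
    plaintext length only, so the content of the request is invisible in the size."""
    return len(build_request(injected_path))


def length_leaks(similar_path: str, unrelated_path: str) -> bool:
    """True when the compressed size alone distinguishes a path that shares bytes with
    the cookie from a path of identical length that does not."""
    return compressed_length(similar_path) < compressed_length(unrelated_path)


def length_is_content_independent(similar_path: str, unrelated_path: str) -> bool:
    """True when, without compression, equal-length paths yield equal-length requests."""
    return plain_length(similar_path) == plain_length(unrelated_path)


if __name__ == "__main__":
    # Both query strings are exactly 20 bytes, so only compression can tell them apart.
    similar = "/img.png?sessionid=7f3a9c2e1b"   # shares bytes with the cookie
    unrelated = "/img.png?abcdefghi=0123456789"  # same length, nothing in common
    print("compressed:", compressed_length(similar), compressed_length(unrelated))
    print("plain:     ", plain_length(similar), plain_length(unrelated))
    print("leaks with compression:", length_leaks(similar, unrelated))
    print("content-independent without compression:",
          length_is_content_independent(similar, unrelated))
```

The server-side fix is the Apache directive `SSLCompression off` (available since httpd 2.2.24 and 2.4.3; modern OpenSSL builds refuse TLS compression regardless of the directive). To confirm what a live server actually negotiates, `openssl s_client -connect host:443` prints a `Compression: NONE` line for the established session when no compression is in use.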
More details: a short explanation from TheRegister.co.uk and Security.StackExchange.com.