| Apache Mod_SSL & Open SSL |
|
 |
 |
Copy
your certificate to a note pad file
You will receive an email from
EBIZID with the certificate attached in the email (www.yourdomainname.crt or www.yourdomainname.crt.zip).
When viewed in a text editor, your certificate will look something like the
following:
-----BEGIN CERTIFICATE-----
UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAUAMF8xCzAJBgNVBAYTAlVT
MSAwHgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMl
U2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTA4
MDIwMDAwMDBaFw0wMzA4MDIyMzU5NTlaMIGQMQswCQYDVQQGEwJVUzERMA8G
A1UECBMIVmlyZ2luaWExETAPBgNVBAcUCFJpY2htb25kMSAwHgYDVQQKFBdD
YXZhbGllciBUZWxlcGhvYm9uZGluZy5jYXZ0ZWwuY29tMIGfMA0GCSqGSIb3
DQEBAQUAA4GNADCBiQKBgQC8x/1dxo2YnblilQLmpiEziOqb7ArVfI1ymXo/
MKcbKjnY2Axc45IelP3LHz+/N0Z/M4N0Noa9eJPiIpRuVMToegtQ9TQuxqRq
mrE6tECJja5g0hLRwl/WnHSxg6YbRRsFxB0H9HShyf9bYmBJ8FYCu6HpWT7p
5SVCfj5wjhGxnQIDAQABMA0GCSqGSIb3DQEBBAUAA34AiwLwK76NzWNPn5Zw
fdvpok8Nd3adgUL3yi0MUOb6Ws1EaddUKUqpNiNsE+cFEpf0WForA+eRP6Xr
aWw8rTN8102zGrcJgg4P6XVS4l39+l5aCEGGbauLP5W6
-----END CERTIFICATE-----
Copy your Certificate into
the directory that you will be using to hold your certificates.
In this example we will use /etc/ssl/crt/. Both the public and
private key files will already be in this directory. The private
key used in the example will be labeled private.key and the public
key will be yourdomainname.crt
It is recommended that you make the directory
that contains the private key file only readable by root.
Install
the Intermediate Certificates
You will need to install the
chain certificates (intermediates) in order for browsers to trust
your certificate. As well as your SSL certificate.
UTNAddTrustServerCA.crt
AddTrustExternalCARoot.crt
These certificates should come attached with the domain certificate in the email from EBIZID.
Apache users will not require these certificates seperatly. Instead you can
install the intermediate certificates using a 'bundle' method. This bundle file will come attached in the email from EBIZID with your domain certificate.
www_yourdomain_com.ca-bundle
In the Virtual Host settings
for your site, in the httpd.conf file, you will need to complete
the following:
1. Copy
the ca-bundle file to the same directory as httpd.conf
(this file contains all of the CA certificates in the chain).
Right click the following link(s) and save the file to your desktop.
2. Add
the following line to SSL section of the httpd.conf (assuming
/etc/httpd/conf is the directory to where you have copied the
ca.txt file). if the line already exists amend it to read the
following:
SSLCACertificateFile /etc/httpd/conf/ca-bundle/www_yourdomain_com.ca-bundle
| If you are using a different location and
certificate file names you will need to change the path and
filename to reflect your server. |
The SSL section of the updated
httpd config file should now read similar to this example (depending
on your naming and directories used):
SSLCertificateFile /etc/ssl/crt/yourdomainname.crt
SSLCertificateKeyFile /etc/ssl/crt/private.key
SSLCACertificateFile /etc/httpd/conf/ca-bundle/www_yourdomain_com.ca-bundle
Save your httpd.conf
file and restart Apache. |
|
