Once you receive the email with your certificate, follow the below
instructions to install your EBIZID SSL Certificate.
| There are TWO certificates that need to be installed during
this process. The first is the "Site" certificate, contained in the email
from EBIZID. The second is the "Bundled intermediate certificate" |
Open
the certificate file
www_yourdomain_com.crt
-----BEGIN CERTIFICATE-----
MIAGCSqGSIb3DQEHAqCAMIACAQExADALBgkqhkiG9w0BBwGggDCCAmowggHXAhAF
(.......)
K99c42ku3QrlX2+KeDi+xBG2cEIsdSiXeQS/16S36ITclu4AADEAAAAAAAAA
-----END CERTIFICATE-----
Copy your Certificate into the directory that you will be
using to hold your certificates. In this example we will use
/etc/ssl/crt/. Both the public and private key files will already
be in this directory. The private key used in the example will
be labelled private.key and the public key will be yourdomainname.crt.
It is recommended that you make the directory that contains the private key
file only readable by root.
Login to the Administrator console and select the site that
the certificate was requested for.
Select Services, then Actions next to Apache Web Server and then SSL Settings.
There should already be a 'Self Signed' certificate saved.
Select 'Import' and copy the text from the yourdomainname.crt
file into the box
Select 'Save', the status should now change to successful.
Now, Logout, DO NOT select delete as
this will delete the installed certificate.
Install the Intermediate/Root Certificates
You
will need to install the Intermediate and Root certificates
in order for browsers to trust your certificate. As well as
your SSL certificate ( www.yourdomainname.crt )
www_yourdomain_com.ca-bundle
or
UTNAddTrustServerCA.crt
AddTrustExternalCARoot.crt
In the Virtual Host settings for your site, in the virtual
site file, you will need to add the following SSL directives.
This may be achieved by:
1. Copying the CAbundle
file to the same directory as the certificate (this contains
all of the ca certificates in the chain, exept the yourdomainname.crt).
2. Add the following line to the virtual host file under the
virtual host domain for your site (assuming /etc/httpd/conf
is the directory mentioned in 1.), if the line already exists
amend it to read the following:
SSLCACertificateFile /etc/httpd/conf/ca-bundle/www_yourdomain_com.ca-bundle
If you are using a different location and certificate file
names you will need to change the path and filename to reflect
this.
The SSL section of the updated virtual host file should now read similar to
this example (depending on your naming and directories used):
SSLCertificateFile /etc/ssl/crt/yourdomainname.crt
SSLCertificateKeyFile /etc/ssl/crt/private.key
SSLCACertificateFile /etc/httpd/conf/ca-bundle/www_yourdomain_com.ca-bundle
| Save your virtual
host file and restart Apache. |
| An alternative to the above installation procedure is to
install the certificates through a command line in apache. |
|
