| January 06, 2009 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Step one: Copy your certificate to file
You will receive an email from Comodo with the certificate in the email
(yourdomainname.crt). When viewed in a text editor, your certificate
will look something like:
-----BEGIN CERTIFICATE-----
MIAGCSqGSIb3DQEHAqCAMIACAQExADALBgkqhkiG9w0BBwGggDCCAmowggHXAhAF
UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAUAMF8xCzAJBgNVBAYTAlVTMSAw
(.......)
E+cFEpf0WForA+eRP6XraWw8rTN8102zGrcJgg4P6XVS4l39+l5aCEGGbauLP5W6
K99c42ku3QrlX2+KeDi+xBG2cEIsdSiXeQS/16S36ITclu4AADEAAAAAAAAA
-----END CERTIFICATE-----
Copy your Certificate into the directory that you will be using to hold
your certificates. In this example we will use /etc/ssl/crt/. Both the
public and private key files will already be in this directory. The
private key used in the example will be labeled private.key and the
public key will be yourdomainname.crt. It is recommended that you make
the directory that contains the private key file only readable by root.
Step two: Install the Intermediate Certificate
You will need to install the Intermediate CA certificates in order for
browsers to trust your certificate. The Intermediate CA certificates are
contained within the ca-bundle file that was attached to your email in
the zip file (this should be named your SERVERNAME.ca-bundle). In the
relevant Virtual Host section for your site, you will need to complete
the following in get this file correctly reference:
Copy the. SERVERNAME.ca-bundle file to the same directory as certificate
and key files and name it ca.txt
Add the following line to the SSL section of the httpd.conf (assuming
/etc/httpd/conf/ is the directory to where you have copied the
intermediate CA file) If the line already exists amend it to read the
following:
SSLCACertificateFile /etc/httpd/conf/SERVERNAME.ca-bundle
If you are using a different location and certificate file names you
will need to change the path and filename to reflect the path and file
name that you are using. The SSL section of the updated config file
should now read similar to this example (depending on the file name and
directories used):
SSLCertificateFile /etc/ssl/crt/yourdomainname.crt
SSLCertificateKeyFile /etc/ssl/crt/private.key
SSLCACertificateFile /etc/ssl/crt/SERVERNAME.ca-bundle
Save your config file and restart Apache.
 |
© 2005
OSGEN Network Services Inc.
All Rights Reserved. |
