Apache SSL

Resolution

Your SSL certificate will be sent imbedded in the body of the email, copy the code including the ----- BEGIN CERTIFICATE ----- & ----- END CERTIFICATE ----- and paste it into a text editor like Notepad or Vi. Do not use Microsoft Word or other word processing programs that may add characters or additional spacing. Confirm that there are no extra lines or spaces in the file.

1.  After pasting the certificate code in a text editor, save the filename with a .crt extension. For example: cert.crt
2.  Save the certificate file into a directory, for example /usr/local/ssl/crt/cert.crt - Note the path and filename the certificate file was saved in as it will need to be referenced in the next step.
 
Configure the Server
 
In order to use the key pair, the httpd.conf file will need to be updated. Open the httpd.conf configuration file and find the Virtual Host settings.
 
Verify that you have the following 2 directives within this Virtual Host and add them if they are not present: 
 
SSLCertificateFile /usr/local/ssl/crt/public.crt  

SSLCertificateKeyFile /usr/local/ssl/private/private.key  

The first directive tells Apache how to find the Certificate File and the second one where the private key is located.
 
If you are using a different location and certificate file names than the example above (which most likely you are) you will need to change the path and filename to reflect your server.
 
Note: Some instances of Apache contain both a httpd.conf and ssl.conf file. Please enter or amend the httpd.conf or the ssl.conf with the above directives. Do not enter both as there will be a conflict and Apache may not start.
 
3. Save your httpd.conf file and restart Apache. You can most likely do so by using the apachectl script:  
 
apachectl stop  

apachectl startssl
  
Check that apache has successfully started. It's recommended you check the apache error logs if apache fails to start for hints on the problem.

**

For instructions on creating a Private Key and CSR in apache please see SO6410

Disclaimer:

Firehost has made efforts to ensure the accuracy and completeness of the information in this document. However, Firehost makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. Firehost assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.

Further, Firehost assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. Firehost reserves the right to make changes to any information herein without further notice.
  • 0 Utenti hanno trovato utile questa risposta
Hai trovato questa risposta utile?

Related Articles

Webstar 4.x Server

Your Geotrust certificate will be sent via email. If the certificate is included as an...

Weblogic 6.0

GeoTrust will email you your certificate. If the certificate is an attachment (Cert.cer), you...

Weblogic 8.1

GeoTrust will email you your certificate. If the certificate is an attachment (Cert.cer), you...

Cisco ACS 3.2

Geotrust will email you your certificate. If the certificate is an attachment (Cert.cer), you...

Citrix Secure Gateway (Command-line interface)

Log on as the root user at the Secure Gateway server. At the command prompt,...