How to install a SSL Certificate for Convalent Apache ERS 2.4 and Below


Step 1: Obtain Intermediate CA Certificate

  • Copy the Intermediate CA certificate from your Secure128 portal under “Order Details”.
  • Be sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added. Save the file as Intermediate.txt

Step 2: Obtain and Install your SSL Certificate

  • The SSL certificate will be sent by email. The certificate is included as an attachment (Cert.cer) and it is also imbedded in the body of the email.
  • Copy and paste the certificate into a text file using Vi or Notepad
  • The text file should look like this:

-----BEGIN CERTIFICATE----- [encoded data] -----END CERTIFICATE-----

  • Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white space, extra line breaks or additional characters have been inadvertently added.
  • To follow the naming convention for Apache, rename the certificate filename with the .crt extension. For example: public.crt
  • After you receive your signed Server Certificate, copy it to a temporary directory.
  • Select Install CA Signed Certificate from the Covalent SSL Certificate and Key Management Tool. You are prompted for the path to the temporary directory that contains the signed server certificate file. Covalent SSL installs the signed server certificate:
    • The signed server certificate is stored in the directory /path/to/ssl1.5/certs.
    • Its name is the same as it was as a temporary server certificate, yourserver.domain.cert (for example: www.covalent.net.cert).

NOTE: The process of signing your server certificate has no effect on your private key.

  • It is necessary and valid for its corresponding server certificate. The Private Key is stored in the directory /path/to/ssl1.5/keys Its name is yourserver.domain.key (for example: www.covalent.net.key).
  • In the Virtual Host settings for your site, in the httpd.conf file, you will need to add the following SSL directive:

    • SSLCACertificateFile /path/to/ssl1.5//intermediate.crt

NOTE: This directive specifies the location of the intermediate certificate. If you are using a different location or certificate file name than the example above (which most likely you are) you will need to change the path and/or filenames.

  • If your server is running, stop the server by executing: /path/to/apache1.3/bin/covalent-faststart-ctl stop
  • Start the server with Covalent SSL by executing: /path/to/apache1.3/bin/covalent-faststart-ctl startssl
  • During server start-up, you will be prompted to enter the pass phrase for the server certificate.
  • Back up the signed server certificate and store it with a backup of its corresponding private key.

Verify your Certificate is installed correctly

BACK