Century Web Design Century Web Design, Quality web site design, ecommerce, digital certificates and hosting.
Century Web Design
Support
Creating a CSR
Documentational Requirements
Installing a Certificate
Displaying your Secure Site Seal

Digital Certificates
Buy a Certificate now
FAQ'S
Compare Us
Browser Compatibility

General
Home
Other Services
Site Map
Contact Us

256-bit SSL Digital Web Certificates

Installing your Certificate on Apache OpenSSL

Step one: Copy your certificate to file
You will receive an email from Comodo with the certificate in the email (yourdomainname.crt). When viewed in a text editor, your certificate will look something like:

-----BEGIN CERTIFICATE-----
MIAGCSqGSIb3DQEHAqCAMIACAQExADALBgkqhkiG9w0BBwGggDCCAmowggHXAhAF
UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAUAMF8xCzAJBgNVBAYTAlVTMSAw
(.......)
E+cFEpf0WForA+eRP6XraWw8rTN8102zGrcJgg4P6XVS4l39+l5aCEGGbauLP5W6
K99c42ku3QrlX2+KeDi+xBG2cEIsdSiXeQS/16S36ITclu4AADEAAAAAAAAA
-----END CERTIFICATE-----

Copy your Certificate into the directory that you will be using to hold your certificates. In this example we will use /etc/ssl/crt/. Both the public and private key files will already be in this directory. The private key used in the example will be labeled private.key and the public key will be yourdomainname.crt.

It is recommended that you make the directory that contains the private key file only readable by root.

Step two: Install the Intermediate Certificates
You will need to install the chain certificates (intermediates) in order for browsers to trust your certificate. As well as your SSL certificate (yourdomainname.crt) two other certificates, named GTECyberTrustGlobalRootCA.crt and ComodoClass3SecurityServicesCA.crt, are also attached to the email from Comodo. Apache users will not require these certificates. Instead you can install the intermediate certificates using a 'bundle' method.

In the Virtual Host settings for your site, in the httpd.conf file, you will need to complete the following:

1. Copy this ca-bundle file to the same directory as httpd.conf (this contains all of the CA certificates in the chain).

2. Add the following line to SSL section of the httpd.conf (assuming /etc/httpd/conf is the directory to where you have copied the ca.txt file). if the line already exists amend it to read the following:

SSLCACertificateFile /etc/httpd/conf/ca-bundle/ca_new.txt

If you are using a different location and certificate file names you will need to change the path and filename to reflect your server.

The SSL section of the updated httpd config file should now read similar to this example (depending on your naming and directories used):

SSLCertificateFile /etc/ssl/crt/yourdomainname.crt

SSLCertificateKeyFile /etc/ssl/crt/private.key

SSLCACertificateFile /etc/httpd/conf/ca-bundle/ca_new.txt

Save your httpd.conf file and restart Apache. You can most likely do so by using the apachectl script:

apachectl stop
apachectl startssl

You are now all set to start using your Comodo certificate with your Apache OpenSSL

For more details please fill in the enquiries form in our contact us section or call us on +44 (0) 870 2242499 or e-mail us at enquiries@centurywebdesign.co.uk

Digital Certificates | Buy a Certificate now | FAQ'S | Browser Compatibility | Compare Us
Support | Creating a CSR | Documentational Requirements | Installing a Certificate
Displaying your Secure Site Seal | Other Services | Site Map | Contact Us

Century Web Design, 9 Wheatley Rd, Cardiff, South Wales, CF5 4LT
Telephone: +44 (0) 870 2242499, email: enquiries@centurywebdesign.co.uk