SSL Certificates

SSL Certs, SSL Certificate, SSL Certificates

Securing Your Online Business

Entrust Certificate Services Support Knowledge Base

Audience: General
Last Modified: 2009-12-15 14:23:29.0

TN 7558 - How do I install a chain certificate into C2NET Stronghold?

Question:

How do I install a chain certificate in C2NET Stronghold?

Answer

On startup, Stronghold loads certificates from the file specified by the SSLCACertificateFile entry in its httpd.conf file. To install the Entrust L1C chain certificate, simply add it to this file. Follow these steps:

  1. Open a Web browser and go to the URL that appears in the confirmation email you received from Entrust. Your certificates appear.

  2. The Entrust SSL Certificate is in the section named Entrust SSL Certificate and the Entrust L1C Chain Certificate is in the section named Entrust Chain Certificate.

  3. Open a text editor.
  4. Copy the Entrust L1C Chain Certificate to your clipboard. You must include the----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

  5. Paste the certificate into the text editor and ensure that the entire text is flushed to the left with no leading or trailing whitespace. If there are any extra spaces the server will not recognize the format of the file and you will not be able to install the certificate.

  6. Save the certificate as a .txt file (for example,/tmp/entrustL1Cchaincert.txt).

  7. Close your text editor.

  8. Open your httpd.conf file and find the SSLCACertificateFile entry. The file specified by this entry contains the certificates that Stronghold loads on startup. You must add the Entrust Chain Certificate to this file. By default the entry is SSLCACertificateFile="<server_root>/ssl/CA/client-rootcerts.pem".
    The httpd.conf is located in the following directory: <server_root>/conf.

  9. Open the file identified by SSLCACertificateFile (for example, <server_root>/ssl/CA/client-rootcerts.pem) in a text editor.

  10. Open the file that contains the Entrust L1C Chain Certificate in a text editor (by default this will be /tmp/entrustL1Cchaincert.txt).

  11. Copy the Entrust L1C Chain Certificate (including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines) to the clipboard.

  12. Paste the Entrust L1C Chain Certificate into the file identified by SSLCACertificateFile. In most cases, you will want to insert the Entrust L1C Chain Certificate at the end of the file and add a comment to identify the certificate.

  13. Save the modified file and close the text editor.

  14. Delete the chain certificate file you created in Step 1 (for example, rm /tmp/entrustL1Cchaincert.txt).

  15. Restart your server using <server_root>/bin/reload-server.

You have just installed the Entrust L1C Chain Certificate.

Affected Products:

  • Entrust Certificate Services Enhanced Service Account Version Not Applicable Language Not Applicable Platform Not Applicable

SSL Certificates

buyEV Multi-Domain SSL

buyAdvantage SSL

buyStandard SSL

buyUC Multi-Domain SSL

buyAdobe CDS

buyCode Signing Certificates

buySecure Email Certificates