SSL Certificates

SSL Certs, SSL Certificate, SSL Certificates

Securing Your Online Business

Entrust Certificate Services Support Knowledge Base

Audience: General
Last Modified: 2008-09-25 12:54:57.0

TN 7575 - Installation of SSL Certificate into Apache with OpenSSL or mod_SSL

Question

How do I install my certificate into Apache?

Answer

Open a web browser and go to the URL that appears in the confirmation email you received from Entrust. Your certificates are displayed. The Entrust SSL Certificate is in the section named "Entrust SSL Certificate".

Your certificate will look something like this: 

-----BEGIN CERTIFICATE-----
MIIC4zCCAkygAwIBAgIBAzANBgkqhkiG9w0BAQUFADBFMQs
wCQYDVQQGEwJVUzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW
9uMRwwGgYDVQQDExNHVEUgQ3liZXJUcnVzdCBSb290MB4XD
TAxMDgyMTIwMDIwOVoXDTA2MDEwMTIzNTkwMFowgcMxCzAJ
BgNVBAYTAlVTMRQwEgYDVQQKEwtFbnRydXN0Lm5ldDE7MDk
GA1UECxMyd3d3LmVudHJ1c3QubmV0L0NQUyBpbmNvcnAuIG
J5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjK
SAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxOjA4BgNVBAMT
MUVudHJ1c3QubmV0IFNlY3VyZSBTZXJ2ZXIgQ2VydGlmaWN
hdGlvbiBBdXRob3JpdHkwgZ0wDQYJKoZIhvcNAQEBBQADgY
sAMIGHAoGBAM0ogzRUG4nzD683kTH/rzFgyajoshBo7Z/nk
zbxCmS7R/UEFz8jR03FJxmBJgxUcg2ILdkfmhKfvLNx04AZ
P0dme4w1KNK5Ct8k2pzWUHmBelrTN/fCStgpkiZk0eSYbDo
AivU0m2X47eMQ//24SVjcoN6COWuBsRYZYblUtuZDAgEDo2
YwZDAPBgNVHRMECDAGAQH/AgEDMA4GA1UdDwEB/wQEAwIBB
jBBBgNVHR8EOjA4MDagNKAyhjBodHRwOi8vY2RwLmJhbHRp
bW9yZS5jb20vY2dpLWJpbi9DUkwvR1RFUm9vdC5jZ2kwDQY
JKoZIhvcNAQEFBQADgYEAgbZwffFU+FjjNYTSoUFyRAAysI
auOknVaLteQPQJxBGLMhXGdfejVBTWLb1UTFBQXNNCiqm8C
o+dYikuVB+0/1habRkb+k4vFe6tn5IvQMnfhZbSJNoXn5Il
GVDWQYlfC0/R1wjfv+U6rzTJbJ7WXX0Ka5jKLKuckXNvu7E
qOA4=
-----END CERTIFICATE-----
  1. Copy the Entrust SSL Certificate to your clipboard. You must include the "----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" lines.

  2. Paste the certificate into a text editor, and ensure that the entire text is flushed to the left with no leading or trailing white space.

    If there are any extra spaces the server will not recognize the format of the file and you will not be able to install the certificate.

  3. Save the file as /usr/local/apache/conf/ssl.crt/servername.crt

You have just installed your Entrust SSL Certificate.

You will then need to modify you HTTPD.CONF file.

In the section of /usr/local/apache/conf/httpd.conf labeled , ensure that the following entries are correct:

  1. Enable / Disable SSL for this host
    SSLEngine on

  2. Certificate Paths:
    SSLCertificateFile /usr/local/apache/conf/ssl.crt/servername.crt
    SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/servername.key
    SSLCertificateChainFile /usr/local/apache/conf/ssl.crt/ca.crt*

  3. If this is a new install, ensure the Servername entry contains the name of the server (same as Common Name from CSR creation)


* Only required if the Entrust Chain Certifcate was installed

Affected Products:

  • Entrust Certificate Services Enhanced Service Account Version Not Applicable Language Not Applicable Platform Not Applicable

SSL Certificates

buyExtended Validation (EV)

buyAdvantage SSL

buyStandard SSL

buyUnified Communications

buyCode Signing Certificates

buyAdobe CDS