DigiCert SSL Installation

If the instructions below on installing SSL certificates for Apache do not work. We advise you to consult with a vendor or an organisation that supports Apache. 

Install SSL Certificate instructions using the following criteria:

Symantec SSL Assistant Certificate Installation

  1. Download your certificate from the unique secure link provided via order fulfilment mail. It should contain the following.
  • SSL certificate
  • Intermediate CA certificate
  • SSL Assistant which is the installation tool
  1. Unzip the downloaded files on the server where you want to install the certificate
  2. Follow the instructions provided in getting_started.txt file then go to the SSL Assistant folder.

Install Your SSL Certificate Manually

Update the either one of httpd.conf or the ssl.conf files with the directives given below:

  1. Download your certificate from the unique secure link provided via order fulfilment mail. It should contain the following
  • SSL certificate
  • Intermediate CA certificate
  • SSL Assistant which is optional
  1. Unzip the downloaded files on your server
  2. Copy both the End Entity certificate and intermediate CA certificate where you keep the private key file generated when making the CSR. The httpd.conf or ssl.conf files then need updating.
  3. Ensure that these files are available in the Virtual Host section of httpd.conf or ssl.conf files. Add them if they are not available: 
  • SSLCertificateFile /usr/local/ssl/crt/public.crt
  • SSLCertificateKeyFile /usr/local/ssl/private/private.key
  • SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt

Versions of Apache that do not accept the SSLCertificateChainFile directive should use SSLCACertificateFile instead. E.g. 

  1. Save the httpd.conf or ssl.conf file and restart Apache. Run this script

sudo apachectl stop

sudo apachectl start

To verify the install of your certificate, please use the RapidSSL Installation Checker.

Partner issued certificates

  1. Download the SSL certificate from User Portal. Follow the following criteria:
  • Access the RapidSSL User Portal.
  • Provide the common name (use the most recentor order number, email associated with the certificate order and Image number generated from the GeoTrust User Authentication page.
  • Select Request Access after which an email sends to the Technical contact Email given.
  • Click on the link given in the email to access the user portal and then click View Certificate Information.
  • Select the x.509 format and then copy the certificate to the directory that holds certificates
  1. Download Intermediate CA certificate
  • Download the intermediate CA certificate and copy it into the directory that holds the certificates.
  1. Configure the server

Ensure that these files are available in the Virtual Host section of your apache conf files. Add them if they are not available: 

  • SSLCertificateFile 
  • SSLCertificateKeyFile
  • SSLCertificateChainFile 

Versions of Apache don’t accept the SSLCertificateChainFile directive should use SSLCACertificateFile instead. E.g.

VirtualHosts in the httpd.conf file should be configures as shown:

<VirtualHost [IP ADDRESS]:443>
	ServerAdmin [admin email address]             
	DocumentRoot /[path]/[to document root]
	ServerName [site address]
	ErrorLog /path/[error log]
	SSLEngine on
	SSLProtocol all
	SSLCertificateFile /[path]/[server certificate file]
	SSLCertificateKeyFile /[path]/[private key file]
	SSLCertificateChainFile /[path]/[intermediate certificate file]
	ServerPath /[path]
<Directory "/path]">
</Directory>
</VirtualHost>

Save the httpd.conf file and restart Apache using the Script: 

apachectl stop

apachectl startssl

 Use the RapidSSL Installation Checker to verify the install SSL certificate is working correctly

Categories:

No responses yet

Leave a Reply

Your email address will not be published. Required fields are marked *