C2Net Stronghold - Certificate installation
Immediately after being issued, your SSL certificate will be sent to you by email. It is also possible to download the certificate from the Control Panel. The file containing the certificate will have the same name as the domain name it is meant for (for example: www_sslcertificaten_nl.crt).
Certificate Installation
- Login to the server as root (using ssh if preferred).
- If a temporary SSL certificate is saved in Serverroot/ssl/certs, move or delete it.
- Type the following command:[root@server] getca www.sslcertificaten.nl Please Note: replace www.sslcertificaten.nl with the hostname that was used while creating the CSR.
- Open the certificate with a simple text editor, such as notepad, and copy the entire contents including the begin and end lines and all lines. Paste this in the terminal window and wait for a reaction on getca.
- Press Ctrl-D (of a similar EOF command). The certificate is now imported in C2Net Stronghold.
Installation Root- and Intermediate Certificates
If use is being made of a Comodo, Thawte, VeriSign or Geotrust certificates then the root and intermediate certificates must also be installed. These will first need to be combined to one file:
- Save the root and intermediate certificates in a temporary folder.
- Open the the files with a simple text editor such as Notepad.
- Copy the entire contents of the intermediate certificate(s) and paste them by the root certificate at the bottom with one Enter in between, so that it looks like this:-----BEGIN CERTIFICATE-----<coded data rootcertificate>-----END CERTIFICATE----------BEGIN CERTIFICATE-----<coded data first intermediate certificate>-----END CERTIFICATE----------BEGIN CERTIFICATE-----<data second intermediate certificate, if present>-----END CERTIFICATE-----
- On the server, navigeer to /ssl/certs and save this file as ca_new.txt.
- Open httpd.conf and add the following line to cq. Modify this so that it points to the just saved file:
SSLCertificateChainFile ssl/certs/ca_new.txt
- Save the changes and restart the server. The certificate is now active.
All necessary steps to install your web server certificate have now been completed. Please make sure to adequately secure your certificate files, and to store a backup of your private key and web server certificate in a safe location. You should also install the root and intermediate certificates. Check whether the certificate is correctly installed with the SSLCheck and ensure an optimal configuration with these tips and settings.
Please do not hesitate to contact us if you encounter problems or error messages.
SSLCheck
Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues