Installing a Signed SSL Certificate
7 May2007
UPDATE Tuesday December 28, 2010 05:27 GMT+11: I have combined this post and the post it followed up into one more coherent, useful post: Installing an Independently Verified SSL Certificate. This post is preserved in it's original form for historical purposes. The original article this was in follow up to is: Creating a CSR in FreeBSD.
I recently wrote about generating a Certificate Signing Request (CSR) using openssl on FreeBSD.
So I've now received my signed certificate back from Chris Langlands at www.backend.com. It's time to install it! Luckily this is dead easy. All you have to do is take the certificate that's been sent to you, which will look something like this, included in the email from your certificate provider:
-----BEGIN CERTIFICATE-----
MIIDUTCCArqgAwIBAgIDBfUGMA0GCSqGSIb3DQE
MRwwGgYDVQQKExNFcXVpZmF4IFNlY3VyZSBJbmM
IFNlY3VyZSBHbG9iYWwgZUJ1c2luZXNzIENBLTE
MDgwNTA3MDIzOTUxWjCBwDELMAkGA1UEBhMCQVU
bnN3Lmdvdi5hdTETMBEGA1UECxMKR1QzODI4NzY
dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL2NwcyA
YWluIENvbnRyb2wgVmFsaWRhdGVkIC0gUXVpY2t
dy52cGIubnN3Lmdvdi5hdTCBnzANBgkqhkiG9w0
zRDf64/CyTTzG+y2OIMTM2p89MjtGndZPn8FtS6
mNSz7P6LcTWf6ihvQ7fA5bL/nilw3Oc+Aqsl+ts
uTrxpsX50xctEKSSC/29ofwAwPJBwgaaRP2x3j8
Af8EBAMCBPAwHQYDVR0OBBYEFHpx92ZbXkTFv/r
MDIwMKAuoCyGKmh0dHA6Ly9jcmwuZ2VvdHJ1c3Q
LmNybDAfBgNVHSMEGDAWgBS+qKB0clBrRLfJI9j
BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH
AAOBgQAP3oDeE6cK/M2CnAqDAZJIQGdIesBSIdQ
wa7biEylNXIkh4PicCG8ko8S/zGq3qcGElLLpPG
+BIF4vXMDFBsoss8CVGsZsW67Qw2QMLPp66pYyW
-----END CERTIFICATE-----
and save it into a text file on the web server. When I created my CSR I saved my private key file as vpb-key.pem, so I copied that certificate into a file called vpb-cert.pem and saved them as:
/etc/ssl/key/vpb-key.pem
/etc/ssl/crt/vpb-cert.pem
and then added the relevant lines to my Apache httpd.conf:
SSLEngine on
SSLCertificateFile /etc/ssl/crt/vpb-cert.pem
SSLCertificateKeyFile /etc/ssl/key/vpb-key.pem
For more details on configuring Apache to work with SSL, check out this article on FreeBSDMadeEasy.com.
This entry was posted on Monday, May 7th, 2007 at 10:00 pm author iain dooley, freebsd, sysadmin, sysadmins, ssl, server management
Subscribe
Building software in the real world - the Working Software blog
We write about our experiences, ideas and interests in business, software and the business of software. We also sometimes write about our own products (in order to promote them).
Recent Posts
- RSS is only dead if we let it die
- Kill your index.php
- 18 Things I Wish I Knew 7 Years Ago
- When does automation become coding
- A list of things you can do to afford Mixergy Premium in 2012
- Thanks Louis now here is my dad
- Your templating engine sucks and everything you have ever written is spaghetti code yes you
- Energy for Opportunity website is now live
- Escaping single and double quotes in XPath queries in PHP
- The reason that outsourcing software is so difficult