Installing an SSL certificate on Apache via Ensim Webppliance 3.1.x

Part one: Download and save certificates

1. Open the email we sent you, that contains the certificate for your domain name.

2. Copy the certificate, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

3. Paste the certificate into a blank document in a text editor. Use an editor that will not add characters, such as TextPad.

4. Save the document. We recommend that you name it YourDomainName.crt and save it to /etc/ssl/crt.

   We recommend that you also back up your certificate on another computer or storage device.

5. Confirm which certificate you purchased, and determine which set of Intermediate certificate(s) to download.

   To confirm which certificate you purchased, review your order confirmation.

   • If you purchased SBS Instant, download set A below.

   • If you purchased SBS Secure or Secure Plus, download set B below.

   A -- SBS Instant

   • Instant Validation SBS Intermediate 2 CA
   • Instant Validation AddTrust Intermediate 1 CA

   -OR-

   B -- SBS Secure and Secure Plus

   • Full Validation Intermediate CA

6. Download the Root-Intermediate set for your domain name certificate. To download, right-click each certificate file name and select Save Target As.

   Save the Root and Intermediate certificates to the same directory where you saved the certificate for your domain name.

Part two: Install the certificate for your domain

1. Log on to the Administrator console and select the site that the certificate was requested for.

2. Click Services, then Actions next to Apache Web Server and then SSL Settings. There should already be a 'Self Signed' certificate saved.

   

3. Click Import and copy the text from the YourDomainName.crt file into the box.

   

4. Select Save. The status should now change to Successful.

   

5. Log out. Do not click Delete as this will delete the installed certificate.

Part three: Install the Intermediate certificate(s)

Intermediate certificates link the certificate for your domain name to the Certificate Authority; they allow your visitors' browsers to recognize your certificate's authenticity.

In the Virtual Host settings for your site, in the virtual site file, you will need to add the following SSL directives:

1. If you purchased SBS Instant, add or edit the following two lines in the virtual host file under the virtual host domain for your site (assuming /etc/ssl/crt is the directory where you are storing your certs):

   SSLCACertificateFile /etc/ssl/crt/InstantValidationAddTrustUTNServerIntermediate1CA.crt
   SSLCACertificateFile /etc/ssl/crt/InstantValidationSBSIntermediate2CA.crt

   -OR-

   If you purchased SBS Secure or Secure Plus, add or edit the following line in the virtual host file under the virtual host domain for your site (assuming /etc/ssl/crt is the directory where you are storing your certs):

   SSLCACertificateFile /etc/ssl/crt/FullValidationAddTrustRootIntermediate3.crt

   If you are using a different location and certificate file names you will need to change the path and file names to reflect this.

2. The SSL section of the updated virtual host file should now read similar to this example (depending on your naming and directories used):

   SSLCertificateFile /etc/ssl/crt/YourDomainName.crt
   SSLCertificateKeyFile /etc/ssl/crt/private.key
   SSLCACertificateFile /etc/ssl/crt/IntermediateCert1.crt
   SSLCACertificateFile /etc/ssl/crt/IntermediateCert2.crt

3. Save your virtual host file and restart Apache.

You are now all set to start using your Secure Business Services certificate with your Apache Ensim configuration.