Installing an SSL certificate on Ensim 10.1.x

Part one: Download and save certificates

You may have to modify these instructions slightly, especially paths, depending on the version of Linux you have installed.

1. In directory /home/virtual/siteAAA/fst/etc/http/conf create subdirectory ssl.ca. This new directory must be owned by root and group of root:

   chown root /home/virtual/siteAAA/fst/etc/http/conf/ssl.ca

   chgrp root /home/virtual/siteAAA/fst/etc/http/conf/ssl.ca

   chmod 0700 /home/virtual/siteAAA/fst/etc/http/conf/ssl.ca

2. Open the email we sent you, that contains the certificate for your domain name.

3. Copy the certificate, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

4. Paste the certificate into a blank document in a text editor. Use an editor that will not add characters, such as TextPad.

5. Save the document. We recommend that you name it YourDomainName.crt and save it to /home/virtual/siteAAA/fst/etc/http/conf/ssl.ca.

   We recommend that you also back up your certificate on another computer or storage device.

   The certificate file should be owned by Root and group of Root, and have chmod 0644.

6. Confirm which certificate you purchased, and determine which set of Intermediate certificate(s) to download.

   To confirm which certificate you purchased, review your order confirmation.

   • If you purchased SBS Instant, download set A below.

   • If you purchased SBS Secure or Secure Plus, download set B below.

   A -- SBS Instant

   • Instant Validation SBS Intermediate 2 CA
   • Instant Validation AddTrust Intermediate 1 CA

   -OR-

   B -- SBS Secure and Secure Plus

   • Full Validation Intermediate CA

7. Download the Root-Intermediate set for your domain name certificate. To download, right-click each certificate file name and select Save Target As.

   Save the Root and Intermediate certificates to the same directory where you saved the certificate for your domain name.

   Assign the same ownership, group, and chmod as the certificate for your domain name.

Part two: Install the certificate for your domain

1. Log on to the Administrator console and select the site that the certificate was requested for.

2. Click Services, then Actions next to Apache Web Server and then SSL Settings. There should already be a 'Self Signed' certificate saved.

3. Click Import and copy the text from the YourDomainName.crt file into the box.

4. Select Save. The status should now change to Successful.

5. Log out. Do not click Delete as this will delete the installed certificate.

Part three: Install the Intermediate certificate(s)

Intermediate certificates link the certificate for your domain name to the Certificate Authority; they allow your visitors' browsers to recognize your certificate's authenticity.

1. Open the virtual host file.

2. If you purchased SBS Instant, add or edit the following two lines in the virtual host file under the SSL KeyFile setting (assuming you are storing your certs in /home/virtual/site2/fst/etc/httpd/conf/ssl.ca):

   SSLCACertificateFile /home/virtual/site2/fst/etc/httpd/conf/ssl.ca/InstantValidationAddTrustUTNServerIntermediate1CA.crt
   SSLCACertificateFile /home/virtual/site2/fst/etc/httpd/conf/ssl.ca/InstantValidationSBSIntermediate2CA.crt

   -OR-

   If you purchased SBS Secure or Secure Plus, add or edit the following line in the virtual host file under the virtual host domain for your site (assuming you are storing your certs in /home/virtual/site2/fst/etc/httpd/conf/ssl.ca):

   SSLCACertificateFile /home/virtual/site2/fst/etc/httpd/conf/ssl.ca/FullValidationAddTrustRootIntermediate3.crt

   If you are using a different location and certificate file names you will need to change the path and file names to reflect this.

3. The SSL section of the updated virtual host file should now read similar to this example (depending on your naming and directories used):

   SSLCertificateFile /home/virtual/site2/fst/etc/httpd/conf/ssl.ca/YourDomainName.crt
   SSLCertificateKeyFile /home/virtual/site2/fst/etc/httpd/conf/ssl.ca/private.key
   SSLCACertificateFile /home/virtual/site2/fst/etc/httpd/conf/ssl.ca/IntermediateCert1.crt
   SSLCACertificateFile /home/virtual/site2/fst/etc/httpd/conf/ssl.ca/IntermediateCert2.crt

4. Save your virtual host file and restart Apache.

You are now all set to start using your Secure Business Services certificate with your Ensim configuration.