Installing an SSL certificate on Java-based Web servers

Installing your certificate involves not only the importing of the certificate for your domain name, but also its Root and Intermediate certificates. These certificates link your certificate to its Certificate Authority, and allow your visitors' browsers to recognize your certificate as authentic.

Part one: Download and save your certificates

1. Open the email we sent you, that contains the certificate for your domain name.

2. Copy the certificate, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

3. Paste the certificate into a blank document in a text editor. Use an editor that will not add characters, such as TextPad.

4. Save the document. We recommend that you name it YourDomainName.crt and save it in your Web server's default directory for SSL certificates.

   We recommend that you also back up your certificate on another computer or storage device.

5. Confirm which certificate you purchased, and determine which set of Root and Intermediate certificates to download.

   To confirm which certificate you purchased, review your order confirmation.

   • If you purchased SBS Instant, download set A below.

   • If you purchased SBS Secure or Secure Plus, download set B below.

   A -- SBS Instant

   • Instant Validation UTN Global Root CA
   • Instant Validation AddTrust Intermediate 1 CA
   • Instant Validation SBS Intermediate 2 CA

   -OR-

   B -- SBS Secure and Secure Plus

   • Full Validation AddTrust Root CA
   • Full Validation Intermediate CA

6. Download the Root-Intermediate set for your domain name certificate. To download, right-click each certificate file name and select Save Target As.

   Save the Root and Intermediate certificates to the same directory where you saved the certificate for your domain name.

Part two: Import your certificates

Your certificates must be imported in the correct order: the Root, then the Intermediate(s) (two for SBS Instant, one for SBS Secure or Secure Plus), then the certificate for your domain.

1. From the command line, run the keytool command to import the Root certificate:

   keytool -import -trustcacerts -alias root -file RootFileName -keystore KeystoreName

2. Use the same process for the Intermediate certificate(s). If you purchased SBS Instant, import *Intermediate1CA.crt first and *Intermediate2CA.crt second, and assign a different alias to each of the Intermediate certificates. You can choose any alias for the Intermediates:

   keytool -import -trustcacerts -alias AliasName -file IntermediateFileName -keystore KeystoreName

3. Use the same process for the site certificate. If you chose an alias when creating a CSR then include that alias in the string:

   keytool -import -trustcacerts -alias AliasName -file YourCertName -keystore KeystoreName

4. Enter the keystore password (this is the one used during CSR creation). Several lines of information about the certificate will be returned.

5. When the process asks whether to trust this certificate, type yes and click Enter.

   An information message will display, "Certificate was added to keystore."

   Your certificates are now loaded and ready to go to work.