Here is the steps for installing the SSL Certificate and CA Bundle (gd_bundle.crt) Implementing a PKCS12 Keystore for Apache:
1. Copy your SSL certificate file and the certificate bundle file to your Apache server. Generate the certificate file and key file using openssl pcks12 command
openssl pkcs12 -in <domainname>.pfx -out <domainname>.c
From the generated output( <domainname>.c ), using vi copy only private key and save it as a different file ( <domainname>.key ) and the same way copy the root certificate and save it as a different file ( your-company-name.crt )
2. Now using the gd_bundle.crt , <domainname>.key, <domainname>.crt – Generate a keystore file. Use the following command:
openssl pkcs12 -export -chain -CAfile gd_bundle.crt -in <domainname>.crt -inkey <domainname>.key -out keystore.tomcat -name tomcat -passout pass:changeit
3. Edit your Apache configuration to reference these files. Locate the following directives. If one or more of them are currently commented out, uncomment them by removing the '#' character from the beginning of the line. Set the values of these directives to the absolute path and filename of the appropriate file:
SSLCertificateFile /path/to/your/certificate/file
SSLCertificateKeyFile /path/to/your/key/file
SSLCertificateChainFile /path/to/intermediate/bundle/file
4. Save your configuration file and restart Apache.
What do you think about this Article? Add your Opinion..! EmoticonEmoticon