Hm, I got a helpful answer in Thread
http://forums.contribs.org/index.php?topic=39326.0 Also the WIKI entry helped me integrating the GoDaddy certificate.
Still one more thing: they sent me a ChainCertificate with my purchased certificate. Their help sections says:
Note: Before you install your issued SSL certificate you must install our intermediate certificate bundle (gd_intermediate_bundle.crt) on your Web server. You may also download the intermediate certificate bundle from the repository.
Installing SSL Certificate and the Intermediate Certificate
1. Copy your SSL certificate file and the intermediate bundle file to your Apache server. You should already have a key file on the server from when you generated your certificate request.
2. Edit your Apache configuration to reference these files. The exact configuration file you will edit will depend on your version of Apache, your OS platform, and/or the method used to install Apache. In Apache 1.3, you will most likely edit the main httpd.conf file. In Apache 2.x, you will most likely edit the ssl.conf file.
3. Locate the following directives. If one or more of them are currently commented out, uncomment them by removing the '#' character from the beginning of the line. Set the values of these directives to the absolute path and filename of the appropriate file:
* SSLCertificateFile /path/to/your/certificate/file
* SSLCertificateKeyFile /path/to/your/key/file
* SSLCertificateChainFile /path/to/intermediate/bundle/file
4. Save your configuration file and restart Apache.
Is there a command to integrate the chain cert, beside these to commands?
config setprop modSSL crt /home/e-smith/ssl.crt/{domain}.crt
config setprop modSSL key /home/e-smith/ssl.key/{domain}.keyI may outcomment in ssl.conf the line about the SSLChain... cert; but is this the only thing to do? It seems, that the db also needs to know about the chain file... (The thread
http://forums.contribs.org/index.php?topic=24067.0 seems a bit outdated since 7.2 uses a different Apache version).
Another point is, that I have two places where I find my SSL keys and certs:
/home/e-smith/...
/etc/httpd/conf/...In the second place they are just called "server.crt" and "server.key". In the first place they are called server.MY.PRIMARY.DOMAIN.TLD.crt" and "server.MY.PRIMARY.DOMAIN.TLD.key"
Which of the needs to be replaced with the new cert?
Seems, that I'd need both of them?!?
Any help - as usual - is highly appreciated!
6 Replies
6750 Views