Geotrust will email you your certificate. If the certificate is an attachment (Cert.cer), you can use the file. If the certificate is in the body of the email, copy and paste it into a text file (such as OriginalCert.txt) using vi or Notepad. Do not use Microsoft Word or other word processing programs that may add characters. Confirm that there are no extra lines or spaces in the file. If necessary, move the file to the server machine.
- To follow the naming convention for Apache, rename the certificate filename with the .crt extension. For example: cert.crt
- Copy your Certificate into the directory that you will be using to hold your certificates. For example: /usr/local/ssl/crt/.
Configure the Server
In order to use the key pair, you must update the httpd.conf file.
In the Virtual Host settings for your site, in the httpd.conf file, add the following SSL directives:
SSLCertificateFile /usr/local/ssl/crt/cert.crt (this line tells Apache how to find the Certificate File)
SSLCertificateKeyFile /usr/local/ssl/private/private.key (this line tells Apache where the private key is located)
If you are using a different location and certificate file names than the example above (and most likely you are) you must change the path and filename to reflect your server.
Save your httpd.conf file and restart Apache. You can most likely do so by using the apachectl script:
apachectl stop
apachectl startssl
You are now ready to use your Geotrust certificate with your Apache-SSL Server.