picture of tbs certificates
picture of tbs certificates
Our products range

Install a certificate for Apache release 2 OVH (base gentoo)

You received your certificate by email with one or several intermediate certificates and a root certificate. Keep this email within reach.

1- Retrieve your certificate(s) on your server

Go back where the private key has been generated, for example:
cd /etc/httpd/ssl.crt
cd /usr/local/apache/conf/ssl.key
In the delivery email you'll find several links. Click on them and download the associated files:
  • A: your server certificate
  • B: the certification chain

2- Set up Apache

Edit your Apache 2 configuration file:
If there is just one certificate on this machine, spot the section beginning with:
<VirtualHost _default_:443>
In order to serve your content, edit the line as you wish: DocumentRoot and ServerName

and edit the following instructions to mahke them point to your files:
# SSL configuration
# 128-bit mini PFS favored
# 128-bit maximal security

SSLProtocol all -SSLv2 -SSLv3
# your server certificate(A)
SSLCertificateFile    /etc/httpd/ssl.crt/cert-0000000000-1234.cer
# your private key (previously generated)
SSLCertificateKeyFile /etc/httpd/ssl.key/

For the certification chain (B), add:
SSLCertificateChainFile /etc/httpd/ssl.crt/chain-0000000000-1234.txt 
See SSLCertificateChainFile

3- Restart Apache and run a test

Once setted up, restart the Apache server.
/etc/init.d/apache restart
If it does not restart verify the SSL log (for any syntax error): /var/log/httpd/.

Check the access of your website's secured pages with IE 6 and Firefox.

External links

Recap example

DocumentRoot "/home/virtual/www"
SSLEngine on
SSLProtocol ALL -SSLv2 -SSLv3
SSLCertificateFile "/usr/local/apache/conf/ssl.crt/"
SSLCertificateKeyFile "/usr/local/apache/conf/ssl.key/"
SSLCACertificateFile "/usr/local/apache/conf/ssl.crt/thawteintermediate.crt"