Installing your SSL Server Certificate - C2Net Stronghold

Note: You must install both the bundle CA certificate and your server certificate to provide secure access to your Web server.

You will receive an email from the Registration Authority when your certificate request has been approved that contains a link to a location where your server certificate may be obtained. Clicking on this link will bring up a browser window that contains the details of your issued certificate and includes a section that looks something like the following:

-----BEGIN CERTIFICATE----- MIAGCSqGSIb3DQEHAqCAMIACAQExADALBgkqhkiG9w0BBwGggDCCAmowggHXAhAF UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAUAMF8xCzAJBgNVBAYTAlVTMSAw (.......) E+cFEpf0WForA+eRP6XraWw8rTN8102zGrcJgg4P6XVS4l39+l5aCEGGbauLP5W6 K99c42ku3QrlX2+KeDi+xBG2cEIsdSiXeQS/16S36ITclu4AADEAAAAAAAAA -----END CERTIFICATE-----

Copy everything you see between and including the lines that look like
-----BEGIN CERTIFICATE-----
and
-----END CERTIFICATE-----

and paste it into an appropriately named text file e.g. myserver.cert

Installing CA certificates

On startup, Stronghold loads CA certificates from the file specified by the SSLCACertificateFile entry in its 'httpd.conf' file.
To install the PEM format bundled CA certificate file, reference it in the httpd.conf file. as follows

Ensure that you have saved the PEM format bundled CA certificate as a text file.
Open your 'httpd.conf' file and find the SSLCACertificateFile entry. By default the entry will be SSLCACertificateFile='/ssl/CA/client-rootcerts.pem'. You will find 'httpd.conf' in the directory /conf.
Open the file identified by SSLCACertificateFile (for example, /ssl/CA/client-rootcerts.pem) in a text editor.
Open the file that contains the PEM format bundled CA certificates (e.g. cachainpem.txt) in a text editor.
Copy the contents of this PEM format bundled CA certificate file
(including all the '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' lines)
to the clipboard.
Now Paste what you have just copied into the file identified by SSLCACertificateFile.
In most cases you will want to insert the bundle CA certificate at the end of the file and add a comment to identify the certificate.
Save the modified file and close the text editor.
Restart your web server.

Installing the server certificate

Save your server certificate as a text file.
Install the new certificate using getca, this utility is normally installed in /bin:

getca myhostname < /server certificate file location and name
Where: myhostname is the common name of the Web server for which the certificate was requested (this is the same as specified when you ran genkey) and '/server certificate file location and name' is the name of the server certificate file. This will save the certificate in the file /ssl/certs/myhostname.cert.
Restart your web server.