Technical Note: [Accelops KB] How to set up a proper CA-signed certificate

Summary of Topic

This article will assist you in helping you setup a proper CA-signed Certificate

Steps

Preparation:

Once the user has obtained a certificate from Verisign or any other public certificate company, the user must have 3 files:

1. CA's certificate file: yourCA.crt
2. AccelOps certificate file: vaName.yourcompany.crt, vaName.yourcompany.key

Implementation:

1. Copy Certificates to VA: Scp the three certificate files to VA:/etc/httpd/conf.d
2. Apply Your Certificates:
   1. Update /etc/httpd/conf.d/ssl.conf files with the certificate files as follow:
   2. Change line "SSLCertificateFile" to "SSLCertificateFile /etc/httpd/conf.d/vaName.yourcompany.crt"
   3. Change line "SSLCertificateKeyFile" to "SSLCertificateKeyFile /etc/httpd/conf.d/vaName.yourcompany.key"
   4. Change line "SSLCertificateChainFile /etc/httpd/conf.d/ca.crt" to "SSLCertificateChainFile /etc/httpd/conf.d/yourCA.crt"
   5. Change line "SSLCACertificateFile /etc/httpd/conf.d/ca.crt" to "SSLCACertificateFile /etc/httpd/conf.d/yourCA.crt"
   6. Save the conf.d file and restart httpd

Additional Resources

To create and apply a self-signed cert, please refer to the related KB article "How to apply a Self-Signed or Certificate Authority Certificate to AccelOps".

Version Application

All