Ask a Question

Install a Thawte SSL123 Certificate on 4D WebSTAR 5.x

Problem

Install a Thawte SSL123 certificate on a 4D WebSTAR 5.x Server
Install a Thawte SSL123 certificate on WebSTAR 5.x
Install a Thawte SSL123 certificate  on a WebSTAR 5.x server

Solution

To install a Thawte SSL123 certificate on a WebSTAR 5.x server, perform the following steps:
 
1. Once you have received your SSL Certificate files from us, open a text editor (Notepad) and paste the contents of each certificate, received, in the following order:
         
         a) The SSL certificate (certificate.txt) to download from:  SO13187  and save as certificate.txt
         b) The Thawte SSL123 Intermediate CA (intermediate.txt) to download from: AR1384 and save as intermediate.txt
         c) The Thawte Root CA (root.txt) to download from: http://www.thawte.com/roots and save as root.txt
 
Note: Make sure that you include the beginning and end tags on each certificate. The result should look like this:

      -----BEGIN CERTIFICATE-----
      (Your SSL123 certificate: certificate.txt)
      -----END CERTIFICATE-----
      -----BEGIN CERTIFICATE-----
      (Your SSL123 Intermediate: intermediate.txt)
      -----END CERTIFICATE-----
      -----BEGIN CERTIFICATE-----
      (The Thawte Root CA: root.txt)
      -----END CERTIFICATE-----
 
2.Save the combined file as certpack.pem.
 
Note: If you are using a older version of Webstar 4D it might require a certificate formatted as a combined Netscape file. Netscape format only applies to 4D versions 4 or older, version 5+ uses a pem file. If you have any problems with the pem file. Please contact your vendor, or try to upgrade your software.
  
3. Your web server must have SSL capabilities turned on. You should view SSL displayed in the status window on your server, and have an SSL Security item in the list of settings in WebSTAR admin.
  
4. In the settings window, under WebSTAR admin, select SSL Security.
 
5. The top area lists IP addresses.
 
6. The lower area sets your security options, including certificate & private key data. The checkboxes set your policy regarding incoming connections.
 
7. Each IP address uses a unique Certificate. Only one certificate can be assigned to each.
  
8. Select the item for the IP address which corresponds to the host name of the current certificate.
 
9. On the Security popup menu, select SSL 2 and SSL 3.
 
10. Click the Certificate Choose button. Select the certpack.pem file.
 
11. Click the Private Key File Choose button. Select the private key file you used to generate your CSR.
 
12. Type your Private Key Password into the appropriate field.
 
13. Click the Save button.
 
14. View the server Status window. You should see a message confirming that the SSL certificate was accepted: SSL context for xxx.xxx.xxx.xxx:443 created.
 
15. Encryption Ciphers. The cipher checkboxes indicate which encryption algorithms you will support. The client can connect only if they support at least one of the cipher's you have enabled.
 
16. When you have chosen your cipher settings, click Save again to send/set the information.