Install your SSL certificate manually
Some instances of Apache contain both a httpd.conf and ssl.conf file. Enter or amend the httpd.conf or the ssl.conf with the below directives. Do not modify both Apache configuration file, it can cause problems starting Apache web services.
- Download your certificate from the unique secure link we provide your technical contact via email.
- The ZIP file you download contains the following certificates:
- SSL certificate (i.e. ssl_certificate.crt, also known as end entity certificate, public key certificate, digital certificate or identity certificate).
- Intermediate CA certificate (i.e. IntermediateCA.crt, also known as chained certificate or signer/issuer of the end entity certificate).
- SSL Assistant (optional installation tool).
- Unzip the files onto the server where you will install the certificate.
- The httpd.conf or ssl.conf file will need to be updated. Copy the end entity certificate and intermediate ca certificate to the directory on your server where you stored the private key file generated when the certificate signing request (CSR) was made.
- In the Virtual Host section of the httpd.conf or ssl.conf file, verify that there are the following 3 directives within this Virtual Host.
Add them if they are not present:
SSLCertificateFile /usr/local/ssl/crt/public.crt - This is your SSL certificate file (also known as end entity certificate, public key certificate, digital certificate or identity certificate).
SSLCertificateKeyFile /usr/local/ssl/private/private.key - This is the private key file generated when you created the certificate signing request (CSR).
SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt - This is the intermediate ca certificate file (also known as chained certificate or signer/issuer of the end entity certificate).
NOTE: Some versions of Apache do not accept the SSLCertificateChainFile directive. Try using SSLCACertificateFile instead.
NOTE: The first directive tells Apache how to find the certificate file, the second directive tells Apache where the private key is located and the third directive tells Apache the location of the intermediate certificate. If you are using a different location and certificate file names than the example above (which most likely you are) you will need to change the path and filename accordingly.
- Save your httpd.conf or ssl.conf file and restart Apache. Type the following command at the prompt:
- You are now ready to start using your certificate with your Apache-SSL Server.
If you are unable to use these instructions for your server, DigiCert recommends that you contact either the vendor of your software or an organization that supports Apache HTTP Server.
Verify certificate installation
- Verify your installation with the DigiCert Installation Checker