Ask a Question

Solution ID : SO5642

Install Extended Validation Certificate on Apache

Problem

Install Extended Validation Certificate on Apache
Install Certificate
Install Extended Validation Certificate

Solution

To install Extended Validation Certificate on Apache, follow the instructions below:

This document provides instructions for installing Thawte Extended Validation SSL Certificates. If you are unable to use these instructions for your server, Thawte recommends that you contact either the vendor of your software or an organization that supports Apache-SSL.

Watch Thawte’s Tutorial Videos for a more visual experience!

Note: If you are unable to view the video, please click here to go directly to the video source.

Step 1: Obtain the Thawte Extended Validation Intermediate CA certificate

a) Download the Thawte Extended Validation Intermediate CA certificate

Note: Be sure to use Vi or Notepad as word processing programs like Microsoft Notepad may add additional characters that may render the certificate unusable.

b) Copy and paste the Intermediate CA certiifcate into a text file and then save the file as intermediate.crt

Step 2: Install the EV SSL Certificate

1. Download your Thawte certificate

2. To follow the naming convention for Apache, rename the certificate filename with the .crt extension. For example: public.crt

3. Copy your Certificate into the directory that you will be using to hold your certificates. In For example: /usr/local/ssl/crt/.
 

Step 3: Configure the Server

1. In order to use the key pair, the httpd.conf file will need to be updated.

2. In the Virtual Host section of the httpd.conf file, verify that you have the following 3 directives within this Virtual Host. Please add them if they are not present:

SSLCertificateFile /usr/local/ssl/crt/public.crt

SSLCertificateKeyFile /usr/local/ssl/private/private.key

SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt



The first directive tells Apache how to find the Certificate File, the second one where the private key is located, and the third line the location of the intermediate certificate.

If you are using a different location and certificate file names than the example above (which most likely you are) you will need to change the path and filename to reflect your server.

Note: Some instances of Apache contain both a httpd.conf and ssl.conf file. Please enter or amend the httpd.conf or the ssl.conf with the above directives. Do not enter both as there will be a conflict and Apache may not start.

1. Save your httpd.conf file and restart Apache. You can most likely do so by using the apachectl script:

apachectl stop

apachectl startssl
 

2. You should now be set to start using your Thawte certificate with your Apache server.

3. Verify the certificate installation.