C2Net Stronghold

NOTE: You must install both the bundle CA [1] certificate and your server certificate to provide secure access to your Web server.

Get bundle CA file

On start-up, Stronghold loads CA certificates from the file specified by the SSLCACertificateFile entry in its 'httpd.conf' file.

• To install the bundle CA certificate, reference it in the httpd.conf file.
• Ensure that you have saved the bundle CA certificate as a text file.
• Open your 'httpd.conf' file and find the SSLCACertificateFile entry. By default the entry will be SSLCACertificateFile='/ssl/CA/client-rootcerts.pem'. You will find 'httpd.conf' in the directory /conf.
• Open the file identified by SSLCACertificateFile (for example, /ssl/CA/client-rootcerts.pem) in a text editor.
• Open the file that contains the bundle CA certificate (ca_new.txt) in a text editor.
• Copy the bundle CA certificate (including the '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' lines to the clipboard.
• Paste the bundle CA certificate into the file identified by SSLCACertificateFile. In most cases you will want to insert the bundle CA certificate at the end of the file and add a comment to identify the certificate.
• Save the modified file and close the text editor.
• Restart your web server.

To install your server certificate:

• Save your server certificate as a text file.
• Install the new certificate using getca, this utility is normally installed in /bin:
  Getca myhostname < /server certificate file location and name
  Where: myhostname is the common name of the Web server for which the certificate was requested (this is the same as specified when you ran genkey) and '/server certificate file location and name' is the name of the server certificate file. This will save the certificate in the file /ssl/certs/myhostname.cert
• Restart your web server