User Instructions for Apache

Apache User Instructions

[1] All instructions to the DSSA™ in the Linux® environment use command prompts. Due to the simplistic functions of the DSSA™, once installed and initialised, there are very few commands that can be executed.


Important note: There is no command prompt to renew an existing SSL on the server. DSSA™ automatically detects all existing SSLs on the server and automatically renews these unless instructed to the contrary. Therefore, by installing DSSA™ you must ensure that you want all the SSLs on the system to be renewed automatically. To disable a specific SSL, use the ‘Disable’ command (see sub section 5.1.1.3

This limited set of commands not only makes the DSSA™ simple to use, it also make the application more secure. Any attempt to send unrecognised or incorrectly constructed command prompts are simply rejected by the DSSA™. The following are the correct command prompt instructions for the main DSSA™ functions:

• List_All

To view all of the SSLs installed on the particular machine, follow these instructions:

Change working directory:

cd /usr/local/dssa/bin

./dssa -list_all

This will provide you with a list of all the SSLs on the system, regardless of their life cycle status (i.e. currently valid and in date, expired and out of date, revoked, etc). Here is a sample list and explanations for each one:

>www.domain-one.com –v SSL is valid and in date
>www.domain-two.com –v
>www.domain-three.com –e SSL has expired
>www.domain-four.com –r SSL was revoked by DSSA™ command prompt
>www.domain-one.com –v
>www.domain-one.com –d DSSA™ disabled for this hostname and will not be renewed until enabled again

Important Note: The DSSA™ will only automatically renew SSLs that are valid at the exact time that the DSSA™ is installed and initialized. To enable the DSSA™ to replace an expired SSL with a new SSL, use the ‘Renew’ command prompt.

• Add_New Renew

To add a new SSL to the server, type the following commands:

Change working directory:

cd /usr/local/dssa/bin

./dssa -req -new -config-section [virtual_host_name:port] -cn [www.domain.com]

• Disable Renew

To disable the renewal of an existing SSL on the server, type the following commands:

Change working directory:

cd /usr/local/dssa/bin

./dssa -disable-ssl -config-section [virtual_host_name:port]

• Enable Renew

To enable the renewal of an existing SSL on the server that was previously disabled or had expired prior to the installation of the DSSA™, type the following commands:

Change working directory:

cd /usr/local/dssa/bin

./dssa -enable-ssl -config-section [virtual_host_name:port]

• Renew

To force an immediate renewal of an existing SSL on the server, use the following commands:

Change working directory:

cd /usr/local/dssa/bin

./dssa ./dssa -req -renew -config-section [virtual_host_name:port]