You will receive an email from Digi-Sign with the certificate in the email (yourdomainname.cer or yourdomainname.crt). When viewed in a text editor, your certificate will look something like:
Copy your Certificate into the directory that you will be using to hold your certificates. In this example we will use /etc/ssl/crt/. Both the public and private key files will already be in this directory. The private key used in the example will be labelled private.key and the public key will be yourdomainname.cer.
It is recommended that you make the directory that contains the private key file only readable by root.
You will need to install the chain certificates (intermediates) in order for browsers to trust your certificate. As well as your SSL certificate (yourdomainname.cer) two other certificates, named UTN-USERFirst-Hardware.crt and Digi-SignCADigi-SSLXp.crt or Digi-SignCADigi-SSLXs.crt, are also attached to the email from Digi-Sign.
Apache users will not require these certificates. Instead you can install the intermediate certificates using a 'bundle' method. You can download the correct Apache bundled CA file for your SSL server certificate here.
In the Virtual Host settings for your site, in the httpd.conf file, you will need to complete the following:
2. Add the following line to SSL section of the httpd.conf (assuming /etc/httpd/conf is the directory to where you have copied the bundlecafilename.pem file). If the line already exists amend it to read the following:
SSLCACertificateFile /etc/httpd/conf/ca-bundle/bundlecafilename.txt
If you are using a different location and certificate file names you will need to change the path and filename to reflect your server.
The SSL section of the updated httpd config file should now read similar to this example (depending on your naming and directories used):