Here is a short tutorial how to set up a Thawte SSL 123 SSL certificate (a domain-only validation SSL Certificate). In a nutshell, it takes two steps: First, you need to create your private key and the certificate signing request to request the certificate. In a second step you need to configure your web server to use the certificate.
1. Create private key and certificate signing request
To create your private key and the certificate signing request use the following command:
It is important to input your country code for the field "Country Name (2 letter code)" and the exact domain name (including all subdomains like www) for the field "Common Name (eg, YOUR name) []". Since the Thawte SSL 123 SSL certificate is a "domain-only validation certificate" the informations like company name or email address are irrelevant. The command creates to files: www.your-domain.com.pem (your private key) and www.your-domain.com.csr.pem (the certificate signing request). In the purchase process you will be asked for the CSR information; just copy and paste the data from your www.your-domain.com.csr.pem file:
Just paste the data at the end of your private key file www.your-domain.com.pem. Since Thawte has upgraded their root hierarchy to 2048bit RSA Keys (more information), you need an Intermediate CA file to support old web browsers (like old versions of Internet Explorer). For the Apache2 web server you can download the file from Thawte:
In your vhosts configuration the ssl options need to refer to the your certificate file and the Intermediate CA file:
ServerName www.your-domain.com
SSLEngine on
SSLCertificateFile /path/to/file/www.your-domain.com.pem
SSLCACertificateFile /path/to/file/SSL123_CA_Bundle.pem
[...]
In a last step, reload/restart your web server to activate the new configuration.
by
Janeth Kent Date:
11-04-2013
hits :
2256
Janeth Kent
Licenciada en Bellas Artes y programadora por pasión. Cuando tengo un rato retoco fotos, edito vídeos y diseño cosas. El resto del tiempo escribo en MA-NO WEB DESIGN AND DEVELOPMENT.
