My activities
Submit a Ticket >

Toll Free: 1.877.776.2995

Replacing Default SSL Certificate

  1. The first step is to generate a private key. If OpenSSL has been installed on the server, then the following command be used: OpenSSL genrsa -des3 -out server.key 1024
  2. Create a Certificate Signing Request (CSR) with the private key. Again, using OpenSSL, this can be done by running: OpenSSL req -new -key server.key -out server.csr Make sure that the fully qualified domain name (FQDN) of the server (e.g., agiliance.customer.com) is used as the Common Name in the certificate request.
  3. The CSR file can then be sent to your certificate authority (CA) to be signed. In return, the CA will provide you with a CRT certificate file (e.g., server.crt).
  4. Backup the existing server.key and server.crt files in %AGILIANCE_HOME%\Apache2\conf and place the new .key and .crt files in this directory. If possible, call the new files server.key and server.crt respectively. If the CA provides a .cer file, then the extension can be renamed.
  5. Edit %AGILIANCE_HOME%\Apache2\conf\extra\passphrase.bat and replace the existing passphrase string "agiliance" (default) with the passphrase used to create the private key. Save the file.
  6. If an external trusted CA (e.g., Verisign) provides an intermediate CA certificate, then this can be enabled by modifying the httpd-ssl.conf file located in %AGILIANCE_HOME%\Apache2\conf\extra\ to uncomment this line and supplying the path to the intermediate CA certificate: # SSLCertificateChainFile conf/cacert.crt
  7. Restart the Apache2.2 service
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Powered by Zendesk