Note: There are four certificates that need to be installed during this process. The first is
the 'Site' certificate, contained in the email from Comodo. The second is the
Intermediate CA certificates; please use the Intermediate CA certificate that came with
your site certificate in the zip file.
For Essential SSL certificate, in additonal to your domain certificate you will be
receiving 4 more files.These
files must be imported in the following order:
Intermediate CA UTNAddTrustSGCCA.crt
Intermediate CA ComodoUTNSGCCA.crt
Intermediate CA EssentialSSLCA.crt
Or you can download the EssentialSSLCA files
Please follow the steps below:
If you already have a temporary certificate in your /ServerRoot/ssl/certs directory, move, rename or delete it. Run the command 'getca servername' where 'servername' is the same name created during generation of the key or certificate request ('genkey servername' or 'genreq servername'). Open the site certificate in the e-mail from Comodo with a text editor and copy the content (including the lines below), as shown below to your clipboard:
the contents into the terminal window where you ran 'getca'.
Enter Control-D or the appropriate EOF character for your terminal.
Before restarting the server please install the intermediate certificate as below.
Use the UTNAddTrustSGCCA.crt certificate provided with your site certificate and copy
the certificate content (including the lines below), as shown below to your clipboard.
Open a text editor. Paste the information on the clipboard into this text file. Save the
file as 'ca_new.txt'. It should look like this:
Next, open the second intermediate certificate, ComodoUTNSGCCA.crt. Repeat the
process and paste into the same document.
Next, open the second intermediate certificate, EssentialSSLCA.crt. Repeat the process
and paste into the same document.
Your final doc should look something like this:
Save the file to the location 'ssl/certs/ca_new.txt' located in your ServerRoot
directory. Change the SSLCACertificateFile directive in your httpd.conf file to point to
the intermediate file (ca_new):
Now restart the web server so that the new certificate is loaded