Note: There are four certificates that need to be installed during this process. The first is
the 'Site' certificate, contained in the email from Comodo. The second is the
Intermediate CA certificates; please use the Intermediate CA certificate that came with
your site certificate in the zip file.
For Essential SSL certificate, in additonal to your domain certificate you will be
receiving 4 more files.These
files must be imported in the following order:
Root AddTrustExternalCARoot.crt
Intermediate CA UTNAddTrustSGCCA.crt
Intermediate CA ComodoUTNSGCCA.crt
Intermediate CA EssentialSSLCA.crt
Or you can download the EssentialSSLCA files
Please follow the steps below:
If you already have a temporary certificate in your /ServerRoot/ssl/certs directory, move, rename or delete it. Run the command 'getca servername' where 'servername' is the same name created during generation of the key or certificate request ('genkey servername' or 'genreq servername'). Open the site certificate in the e-mail from Comodo with a text editor and copy the content (including the lines below), as shown below to your clipboard:
'-----BEGIN
CERTIFICATE-----'
and
'-----END CERTIFICATE-----'
Paste
the contents into the terminal window where you ran 'getca'.
Enter Control-D or the appropriate EOF character for your
terminal.
Before restarting the server please install the
intermediate certificate as below.
Use the UTNAddTrustSGCCA.crt certificate provided with your site certificate and copy
the certificate content (including the lines below), as shown below to your clipboard.
Open a text editor. Paste the information on the clipboard into this text file. Save the
file as 'ca_new.txt'. It should look like this:
'-----BEGIN CERTIFICATE-----'
and
'-----END CERTIFICATE-----'
Next, open the second intermediate certificate, ComodoUTNSGCCA.crt. Repeat the
process and paste into the same document.
Next, open the second intermediate certificate, EssentialSSLCA.crt. Repeat the process
and paste into the same document.
Your final doc should look something like this:
-----BEGIN CERTIFICATE-----
MIIEhjCCA26gAwIBAgIQUkIGSk83/kNpSHqWZ/9dJzANBgkqhkiG9w0BAQUFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
.....
7uRJQ8E5fc8vlqd1XX5nZ4TlWSBAvzcivwdDtDDhQ4rNA11tuSnZhKf1YmOEhtY3
vm9nu/9iVzmdDE2yKmE9HZzvmncgoC/uGnKdsJ2/eBMnBwpgEZP1Dy7J72skg/6b
kLRLaIHQwvrgPw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEmTCCA4GgAwIBAgIQPToFJgm2LuWMNik4Y1ThJDANBgkqhkiG9w0BAQUFADCB
lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
.....
xxXAVEvJZhYpY99xq7YHkvrzT/Ix1jLQTTXbW4m4CORo3thHy9de6BaylCGcalu/
tIGG3cXyqHE+3adKtfr4bDs0mptYfU3U01tTI2tJOBahmJ+EXquuP67Of8gX5DKr
xNMvmpAxwpJTlu1yp/7E2jkpUWjtkI2Xjv5FGbc=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEyDCCBDGgAwIBAgIEAgACmzANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJV
UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMRwwGgYDVQQDExNHVEUgQ3liZXJU
.....
zs1x+3QCB9xfFScIUwd21LkG6cJ3UB7KybDCRoGAAK1EqlzWINlVMr5WlvHqvaDj
vA2AOurM+5pX7XilNj1W6tHndMo0w8+xUengDA==
-----END CERTIFICATE-----
Save the file to the location 'ssl/certs/ca_new.txt' located in your ServerRoot
directory. Change the SSLCACertificateFile directive in your httpd.conf file to point to
the intermediate file (ca_new):
SSLCACertificateFile ssl/certs/ca_new.txt
Now restart the web server so that the new certificate is loaded