But when I went to get my new cert from VeriSign, they said they have a new
Intermediate CA, and I need to install that. Does anyone know where that
goes?
I kinda know *what* it is... I believe an Intermediate CA is an extra amount
of code that adds a layer of encryption to the certificate. Without it, I'm
concerned that my new certificate may not work.... But I don't understand
where it gores, and I don't want to go through a bunch of restarts on my
live server to figure it out, if I can avoid it....
TIA!
> From: Terry Allen <hmag@xxxxxxxxxxxxxx>
> Reply-To: webten@xxxxxxxxxxxxxxx
> Date: Thu, 25 Apr 2002 08:45:05 +1000
> To: webten@xxxxxxxxxxxxxxx
> Subject: Re: Installing new SSL Certificate and Intermediate CA
>
>> This seems so easy, but I'm not finding it in any manual. Please help if you
>> can. I just ordered my renewal of my SSL Certificate from VeriSign. I think
>> all I have to do is:
>>
>> 1. Paste it into the file named: (IP.address.crt) in my tenon/ssl/certs
>> folder.
>>
>> 2. Then I have to make sure that file has Unix line breaks or (undocumented
>> bug) it completely freezes the computer.
>>
>> 3? Then... what do I do with the intermediate CA? VeriSign says they have a
>> new one and I have to install it. It is listed here:
>> http://www.verisign.com/support/install/intermediate.html
>>
>> In tenon/ssl/cacerts, I have two files:
>> ca-bundle.crt
>> gsid.crt
>>
>> Does it go in one of these or something? And am I missing anything else? Is
>> this documented somewhere? Any help would be appreciated.
>>
>> P.S. VeriSign has Apache instructions,
>> <http://www.verisign.com/support/install/apache/v00g.html>, but I presume
>> WebTen is more automated than that....
>
> Hi again,
> I cant specifically answer your question, but after only just
> getting a cert set up on my WebTen server, I just pasted the cert from the
> Thawte generated page into a BBEdit page, then put it into the appropriate
> spot in the WebTen/tenon/ssl directory & restarted - voila - worked.
> I would assume that Verisign (being Thawte's parent company), do it
> similarly - if they have already issued the new cert, I guess you just
> replace the old with the new & it should work. On another list I am on,
> someone mentioned that you simply insert your old cert into their renewal
> screen & pay the renewal & you don't need to do anything else - they update
> their details & you keep using the old one.
>
>
> Bye for now, Terry Allen
> ___________________________________________________________________
> hEARd
>
> Postal Address:
> hEARd
> c/o 128 The Entrance Rd
> The Entrance
> NSW 2261
> Australia
>
> Internet -
> WWW:
> http://heard.com.au or http://www.ozemail.com.au/~hmag
> http://hosting.heard.com.au
>
> Interactive Message Board - http://heard.com.au/wwwboard/
>
> EMAIL: (checked every Thursday & Sunday, sometimes more often)
> hmag@xxxxxxxxxxxxxx
>
> -----------------------------------------------
> Non profit promotion for new music - since 1994
> -----------------------------------------------
> Also, check out the Educate site - http://www.educate.net.au
>
>
>
|
