Firstly when your issuance email arrives it will contain your web server certificate. Copy your web server certificate into a text editor such as notepad including the header and footer. You should then have a text file that looks like:
-----BEGIN CERTIFICATE-----
[encoded data]
-----END CERTIFICATE-----
Make sure you have 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white space, extra line breaks or additional characters have been inadvertently added.
1. Save the certificate file in your text editor as domainname.cert
2. Start the Raven PKI Certificate Manager, using the command:
/usr/local/raven/bin/ravenctl
3. Choose Install CA Signed Certificate. You will be prompted for the location of your web server certificate. Identify the location and the name (domainname.cert) of your web server certificate file. The certificate will be installed in the following directory:
/usr/local/raven/module/pki/certs/
4. Choose Install CA Signed Certificate using the Raven PKI Certificate Manager. You will be prompted for the location of the GeoTrust Root Certificate. Download the relevant GeoTrust root certificate from http://www.geotrust.com/resources/root_certificates/index.htm. The certificate will be installed in the following directory:
/usr/local/raven/module/pki/certs/
5. Open the httpsd.conf file in a text editor and ensure that the virtual host that you purchased the certificate for has the following directives and that they point to the correct files:
SSLCertificateFile /usr/local/raven/module/pki/certs/domainname.cert
SSLCertificateKeyFile /usr/local/raven/module/pki/keys/domainname.key
SSLCACertificateFile /usr/local/raven/module/pki/certs/geotrustroot.cert6. Save the httpsd.conf file.
7. Restart the server: /usr/local/apache/bin/httpsdctl restart
Test your certificate by using a web browser to connect to your server. Use the https protocol directive (e.g. https://your server/) to indicate you wish to use secure HTTP. Note: The padlock icon on your browser will be displayed in the locked position if your certificates are installed correctly and the server is properly configured for SSL.