D.3 Configuring Apache to Point to an SSL Certificate on an iFolder Server

  1. Get an SSL certificate from a trusted certificate authority.

  2. Create a shared key directory. At a terminal console, enter

    mkdir /etc/sharedkey/
    

    Replace sharedkey with the actual name of your key directory.

  3. Do either of the following:

    • Copy the private key (.key file) and the certificate (.cert file) to the shared key directory location. At a terminal console, enter

      cp ./filename.key /etc/sharedkey/
      
      cp ./filename.cert /etc/sharedkey/
      

      Replace filename with the actual file name of your .key and .cert files. Replace the destination path with the shared key directory location where you want to store the .key and .cert files.

    • If you have received a single .pem file from the trusted authority, copy that to the shared key directory location. At a terminal console, enter

      cp ./filename.pem /etc/sharedkey/
      
  4. Perform either of the following:

    1. Edit the Apache SSL configuration file (/etc/apache2/vhosts.d/vhost-ssl.conf ) to point to the .key file and .cert file by modifying the values for the following parameters:

      SSLCertificateKeyFile=/etc/sharedkey/filename.key
      
      SSLCertificateFile=/etc/sharedkey/filename.cert
      

      Replace the path to the files with the actual location and filenames.

    2. Edit the Apache SSL configuration file (/etc/apache2/vhosts.d/vhost-ssl.conf ) to point to the .pem file by modifying the values for the following parameters:

      SSLCertificateKeyFile=/etc/sharedkey/filename.pem
      
      SSLCertificateFile=/etc/sharedkey/filename.pem
      

      WARNING:Ensure that there are no duplicate entries for SSLCertificateKeyFile and SSLCertificateFile in the Apache SSL configuration file.

  5. Restart the Apache server.