Instructions on how to add CA certificates into a SSLCACertificateFile from Trustis.com.
Installing CA certificates
On startup, Stronghold loads CA certificates from the file specified by the SSLCACertificateFile entry in its ‘httpd.conf’ file.
To install the PEM format bundled CA certificate file, reference it in the httpd.conf file. as follows
- Ensure that you have saved the PEM format bundled CA certificate as a text file.
- Open your ‘httpd.conf’ file and find the SSLCACertificateFile entry. By default the entry will be SSLCACertificateFile=’/ssl/CA/client-rootcerts.pem’. You will find ‘httpd.conf’ in the directory /conf.
- Open the file identified by SSLCACertificateFile (for example, /ssl/CA/client-rootcerts.pem) in a text editor.
- Open the file that contains the PEM format bundled CA certificates (e.g. cachainpem.txt) in a text editor.
- Copy the contents of this PEM format bundled CA certificate file
(including all the ‘—–BEGIN CERTIFICATE—–‘ and ‘—–END CERTIFICATE—–‘ lines)
to the clipboard.
- Now Paste what you have just copied into the file identified by SSLCACertificateFile.
In most cases you will want to insert the bundle CA certificate at the end of the file and add a comment to identify the certificate.
- Save the modified file and close the text editor.
- Restart your web server.