You can deploy certificates from Alibaba Cloud Certificates Service to various web service servers using the method as you may, for other certificates. However, if the certificate contains a certificate chain, it must be deployed in the Apache server using the following steps.
Step 1: Check whether your digital certificate contains a certificate chain
BEGIN CERTIFICATEsegments in the certificate file, they indicate that your certificate file contains a certificate chain.
|If you certificate file does not contain a certificate chain, skip the following steps in this document. Deploy your certificate directly on the Apache server.|
-----BEGIN CERTIFICATE----- xxxxxx... -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- xxxxxx... -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- xxxxxx... -----END CERTIFICATE-----
Step 2: Extract certificate chain
To extract a certificate chain from your certificate file, open the certificate file and copy the last two segments of certificate information (namely, the last two
-----BEGIN CERTIFICATE----- segments) to a separate text file, and save that text file as mycert_chain.pem.
Step 3: Rename file
Rename the original certificate file to mycert.pem. You now have two PEM files, the original certificate file mycert.pem and the certificate chain file mycert_chain.pem.
Step 4: Deploy certificate in Apache server
... SSLEngine On SSLCertificateFile conf/ssl.crt/mycert.pem SSLCertificateKeyFile conf/ssl.key/mycert.key SSLCertificateChainFile conf/ssl.crt/mycert_chain.pem ...