Install Certificate

To see how this inclusion page fits in with similar ones, perhaps see one of

• CertMaintenanceCollapsed
• CertificateUpdates

---

Installing the Certificate

IncludeCertUpdateCertificate

Theoretically, the file system locations of old versions of certificates could be almost arbitrary. To be sure of updating (or installing anew) all certificates, including the intermediate certificate, and private keys, you would need to read the configuration for all server applications involved, and install or replace the contents in the appropriate format.

In practice, locations of certificates are constrained somewhat.

There are potentially four pieces of data to install or make accessible for each server application.

1. The host private key

2. The host certificate

3. The OrganizationSSL (or IntranetSSL) Intermediate Root Certificate

4. An appropriate Certificate Authority Root Certificate

Of those, 2 (the host certificate) is the one you will always need to install or update. If you generated a new 1 private key, you will need to ensure it is correctly updated to match each certificate you install or update. In general 3 (intermediate certificate) will have been appropriately installed, unless you are setting up a brand-new server.

And 4 (CA root certificate) isn't actually required by most server applications. A CA root certificate is really only meaningful to the clients if it is obtained from a source different from the server presenting a certificate allegedly signed by that authority. Nonetheless, many servers are set up with CA root certificates available, although most client and server software will not actually have any reason to access that particular certificate from that source.

-- AdrianPepper - 23 Feb 2011

---

IncludeAdrianReferers

Referers

This topic IncludeCertUpdateCertificate is referred to by...

• CertMaintenanceCollapsed
• CertificateUpdates
• IncludeCertInetdFormat
• IncludeCertLocationXhier
• IncludeCertWebFormat