After the certificate arrives from the CA, you must make the Web server use your production key file. Perform the following steps:
- Copy the certificatename.kdb, certificatename.rdb, and certificatename.sth files you received from the certificate authority into the ssl subdirectory under the IBM HTTP Server installation path on your machine, where certificatename is the certificate name you supplied with your certificate request.
- Stop IBM HTTP Server.
Export JAVA_HOME by running the following commands:
DISPLAY=host_name:0.0 export DISPLAY JAVA_HOME=java_home export JAVA_HOME
where host_name is the fully qualified host name of the machine you are currently using and java_home is:- Open the Key Management Utility (ikeyman).
- Open the certificatename.kdb file, and enter your password when prompted.
- Select Personal Certificates, and click Receive.
- Click Browse.
- Select the folder where you have stored the files you received from the certificate authority. Select the certificatename.txt file and click OK.
- The Personal Certificates list box should now list either VeriSign certificatename certificate or Equifax certificatename certificate.
- Exit the Key Management Utility.
- Change directory to the conf subdirectory under the IBM HTTP Server installation path on your machine.
- Create a backup copy of httpd.conf.
- Open httpd.conf in a text editor.
- Ensure that the lines listed in step 5 are not commented.
- Search for Keyfile "keyfile_path_name/keyfile.kdb" directive, and change the path name to point to the file created in the preceding steps.
- Restart the IBM HTTP Server.