Intermediate Certificate Authority (CA) & SSL Installation Instructions for Apache

Solution ID:    SO15690    Updated:    10/19/2015



Step 1 - Download your certificate:

  1. Please log into your account and download the certificate using the server platform "Apache" / "HTTP Server".  You will receive a .ZIP file with the server certificate and Intermediate certificate.  Please use these two files along with the private key that was generated along side your CSR for the installation.
    Enterprise Security Center
    Security Center
    Certificates purchased through Partners. Please select X.509 as the format and also download the Additional Certificate.

Step 2 - Configure the Apache server

  1. Locate the Apache configuration file (example httpd.conf), the configuration file name can be different depending on your Apache version or flavour. The configuration file will need to be updated to reference your server certificate, private key and intermediate certificate files.
  2. In the Virtual Host settings for your site, locate the SSL certificate settings section and verify that you have the following 3 directives within the Virtual Host. Please add them in if they are not present:
    • SSLCertificateFile /usr/local/ssl/crt/public.crt                              <-- This is your server certificate file for your domain
    • SSLCertificateKeyFile /usr/local/ssl/private/private.key                <-- This is your private key file
    • SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt            <-- This is your intermediate certificate.
      For example

    Note: As with the example above, the file names can be public.crt, private.key & intermediate.crt.  Your server however may use a different naming convention. If you are using a different file location than the example above, you will need to change the paths to match your files on the server.

  3. Save your Apache configuration file and restart Apache. (If Apache fails to start, check the error logs for clues)
  4. Verify the installation of the GeoTrust certificate chain using our SSL checker.


Geotrust has made efforts to ensure the accuracy and completeness of the information in this document. However, Geotrust makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. Geotrust assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.

Further, Geotrust assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. Geotrust reserves the right to make changes to any information herein without further notice.

Contact Support

Find Answers

Search Tips