首页>技术支持>SSL证书安装指南 - Zeus Web Server(ZWS)

SSL证书安装指南 - Zeus Web Server(ZWS)

a. Fetch your certificate

1.You will receive an email when your certificate is issued.

2.Select the 'Standard certificate' format option to download your issued certificate.

5.Copy and Paste your certificate (first certificate) to a text editor (Notepad) and save the file with a .cert extension.

6. Copy and Paste the Intermediate Certificate (second certificate) to a text editor (Notepad) and save the file with a .cert extension.

b. Install your certificate

Secure certificates are added to a Virtual Server by clicking on the Security Configuration link from the Edit Server page.

If your web site is running on the default non-secure port (80), you will need to change it to use port 443, which is the default port for SSL:

Click on `General Configuration'.

In the `Server Address' form, change the port number from `80' to `443'.

Click `Update'.

Stop and start your web site (using the `traffic lights'). You web site will now be operating in SSL mode. It will use an interim self-signed certificate, and your web site users will be prompted to accept this certificate each time they access your site.

In many cases, you can just replace the contents of the self-signed certificate with the new certificate issued by thawte . Alternatively, you can use the `SSL Configuration' form to change the filename that web server uses for the certificate.

The SGC SuperCert is chained therefore you will need to append the Intermediate Certificate to your issued certificate in order to create a chained file.(including the `-----BEGIN CERTIFICATE-----' and `-----END CERTIFICATE-----' lines)

$ cat mycert.cert intermediate.cert > chained.cert

Replace your self-signed certificate file with your new certificate chain file.

Restart your web site for the changes to take effect.

You can also use the Secure Server Configuration page to configure your SSL settings:

Use the enabled checkbox to turn on SSL. This provides an easy means of turning SSL on and off for the server.

The Public Certificate File should be a signed X509 certificate from your Certificate Authority. Enter the full pathname of the file from the servers root directory.

The Private Certificate File should be your private key from which you generated the certificate request. Enter the full pathname of the file from the servers root directory. Under no circumstances should the private key be stored in the document root of the Virtual Server.

Click on the Update button to commit the configuration changes and return to the Edit Server page. You will need to restart the Virtual Server from theController to allow the changed to take effect.

Server Ports

The default port for the HTTP protocol (used by web servers) is port 80, the default port for the HTTPS protocol is port 443. It is possible to use any port to run your virtual server by specifying a port number when it is created. If a port number is specified and then SSL is enabled the secure server will continue to run on the specified port. If no port number is specified (the Virtual Server is running on port 80) then enabling SSL will result in the default HTTPS port being used. It is advisable that all public commercial servers should use the default ports for their protocols.

Notes:

Zeus Server allows each of your Virtual Servers to have their own SSL certificates. This allows multiple secure sites to run on the same Zeus server. Each Virtual Server requires its own public and private certificates for secure transfer.

This document only describes the procedures required to enable SSL under on a Virtual Server. For more information on how SSL works, SSL security precautions and on generating SSL certificates please see the following link: http://www.zeus.com/extra/docsystem/docroot/apps/web/docs/ssl.html

For more information about the Zeus web server controller, please visit: http://www.zeus.com/extra/docsystem/docroot/apps/web/docs/controller/controller.html#ssl