[BlueOnyx:02277] Re: GoDaddy SSL cert

[Michael Stauber]

Hi John,

> I had this same problem on BQ and Dan had posted a link to an old post by
> Herb Rubin at Pathfinders Software.   It worked great for me, and should
> work on BO.
>
> Here is the link.
>
> http://bluequartz.org/ml/archive/coba-e/9600/9605.html

>>>> 1)  modify /etc/httpd/conf.d/ssl_perl.conf
>>>>
>>>> At Line 59 Insert these 3 lines:
>>>>
>>>> if (-f "$vsite->{basedir}/certs/ca-chain") {
>>>>    $VirtualHost{"$ip:443"}{'SSLCertificateChainFile'} = 
>>>> "$vsite->{basedir}/certs/ca-chain";
>>>> }
>>>>
>>>> 2) You must place the GoDaddy gd_intermediate_bundle.crt file in the 
>>>> site/certs
>>>>   directory and call it "ca-chain".
>>>>
>>>>  mv gd_intermediate_bundle.crt 
>>>> /home/sites/www.yoursite.com/certs/ca-chain
>>>>
>>>> Note: I would greatly appreciate if the above 3 lines could make it 
>>>> into the main source.

Ah, many thanks! I knew someone had posted a mod for ssl_perl.conf somewhere 
to tie in the GoCrappy ... err ... GoDaddy certs, but last time I looked for 
it I couldn't find it.

I just added Herb's code suggestion to ssl_perl.conf on BlueOnyx and released 
it as YUM update (base-apache).

So all that's left to do once the box is yum updated is to place the GoDaddy 
gd_intermediate_bundle.crt file in the site/certs directory and call it "ca-
chain".

Still: A real cert from a proper CA would save a lot of grief. :o)

-- 
With best regards

Michael Stauber