We have issued a new certificate this month, and is giving us some problemas. According to thawte, they migrated to 2048 the root, but we can't get the point to configure those new certificates in apache 2.2 Thwate Root Migration
¿Any advice or link that can help us on importing those root to the thrust of apache and implement the new certifcicate? Thanks
After searching in documetation, in thawte and in openssl, I put here the solution in case anyone need it.
First Step
And you will probably, because all the entities will migrate to 2048 bit root soon (International recomendation).
First, you need all the root and intermeditate certificates, normally on .crt extension in BASE64 encoding.
Then you create a .pem file, copying all the certificates in one file
Second Step
Apache has 3 directives to manage SSL in this case:
SSLCACertificateFile "SSL_CA_Bundle.pem"
SSLCertificateKeyFile "WebCertificate.key"
SSLCertificateFile "WebCertificate.crt"
You must configure them in each Virtual host (If used).
This way all the clients will get a correct certificate and they will trust on the entities that issued the certificate.