DigiCert certificate did not work with Apache

  • 3675781
  • 29-Aug-2007
  • 26-Apr-2012

Environment

Novell NetWare 6.5 Support Pack 6
Novell Certificate Server (PKIS) 3.1.1
Novell Apache on NetWare 2.0.59

Situation

Created a CSR and submitted to DigiCert for a regular certificate with
a 3-year lifespan. When we received the certificate, we imported it into
the KMO following the guidelines given by DigiCert. Tried both
ConsoleOne and iManager.
In both cases the cert looked fine in iManager and C1 but would not
work for Apache. The webserver would listen, but any attempt to
connect over https would produce an error "cannot connect" in IE
(NOT a certificate alert). FireFox would give a slightly more
descriptive error, -12258.

Resolution

Go into the certificate in ConsoleOne(SSLWebmail). Select
Certificates tab, "Public key". Export. Check yes to export private key.
Provide a filename and password. Next, Finish.
Create a new object (SSLWebmail2). NDSPKI Key Material. Select server,
provide name (SSLWebmail2), then Select the option to import and click
next. Then select "Read from file" and import the file created above.
Use the new object (SSLWebmal2) in the SecureListen directive in
ttpd.conf. Unload APACHE2. LOAD APACHE2