Step one: Copy your certificate to your Cobalt Raq

You will receive an email from InstantSSL with the certificate in the email (yourdomainname.crt). When viewed in a text editor, your certificate will look something like:

-----BEGIN CERTIFICATE-----
MIAGCSqGSIb3DQEHAqCAMIACAQExADALBgkqhkiG9w0BBwGggDCCAmowggHXAhAF
UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAUAMF8xCzAJBgNVBAYTAlVTMSAw
(.......)
E+cFEpf0WForA+eRP6XraWw8rTN8102zGrcJgg4P6XVS4l39+l5aCEGGbauLP5W6
K99c42ku3QrlX2+KeDi+xBG2cEIsdSiXeQS/16S36ITclu4AADEAAAAAAAAA
-----END CERTIFICATE-----

Following the instructions in the Cobalt Raq user manuals available at Please refer to the Cobalt user guides available at http://emea.cobalt.com/support/resources/manuals.html replace the pending certificate with your InstantSSL certificate in the SSL Settings of your Raq.

Step two: Install the Intermediate Certificates

You will need to install the chain certificates (intermediates) in order for browsers to trust your certificate. As well as your SSL certificate ( yourdomainname.crt) three other certificates, named GlobalSignRootCA.crt, GlobalSignPartnersCA.crt and ComodoClass3SecurityServicesCA.crt, are also attached to the email from InstantSSL. Raq users will not require these certificates. Instead you can install the intermediate certificates using a 'bundle' method.

The following will require that you access the httpd config file. This may be achieved by telnetting into your webserver.
 

In the Virtual Host settings for your site, in the httpd.conf file, you will need to add the following SSL directives.This may be achieved by:

1. Copy this ca-bundle file to the same directory as httpd.conf (this contains all of the ca certificates in the InstantSSL chain).

2. Add the following line to httpd.conf (assuming /etc/httpd/conf is the directory mentioned in 1.), if the line already exists amend it to read the following:

SSLCertificateChainFile /etc/httpd/conf/ca-bundle

If you are using a different location and certificate file names you will need to change the path and filename to reflect your server.

The SSL section of the updated httpd config file should now read similar to this example (depending on your naming and directories used):

SSLCertificateFile /etc/ssl/crt/yourdomainname.crt //Locate Certificate File
SSLCertificateKeyFile /etc/ssl/crt/private.key //Locate Private Key File
SSLCertificateChainFile /etc/httpd/conf/ca-bundle //Locate CA Chain bundle file

Save your httpd.conf file and restart Apache. You can most likely do so by using the apachectl script:

apachectl stop
apachectl startssl

You are now all set to start using your InstantSSL certificate with your Raq.