32 | | The certificate authority will respond with a certificate file. This file and your domain.key file can be used to [wiki:setup_security_certificate setup your web site to use a security certificate]. |
| 36 | == Getting a certificate file == |
| 37 | |
| 38 | There are dozens of corporate certificate authorities that can take your certificate signing request and return a certificate that will only work with your private key. The cost is typically about $80 - $200. You only need to provide your contact information, your certificate signing request and a credit card to be charged. After a short verification period, they will return a certificate to you (also a text file). |
| 39 | |
| 40 | == Testing your certificate file == |
| 41 | |
| 42 | If you want to test to ensure that your certificatre is valid and works with your key file, you can run this command: |
| 43 | |
| 44 | {{{ |
| 45 | openssl s_server -cert domain.crt -key domain.key -www |
| 46 | }}} |
| 47 | |
| 48 | You should get something like this: |
| 49 | |
| 50 | {{{ |
| 51 | 0 jamie@chicken:~$ openssl s_server -cert domain.crt -key domain.key |
| 52 | Using default temp DH parameters |
| 53 | Using default temp ECDH parameters |
| 54 | ACCEPT |
| 55 | ^C |
| 56 | 130 jamie@chicken:~$ |
| 57 | }}} |
| 58 | |
| 59 | Hit ctl-c to cancel. |
| 60 | |
| 61 | If you are prompted for a password, then it means you created your key file with a password, which will cause problems if try to use it for your web site. |
| 62 | |
| 63 | |
| 64 | == Next steps == |
| 65 | |
| 66 | This file and your domain.key file can be used to [wiki:setup_security_certificate setup your web site to use a security certificate]. |