Article ID: 4424, created on Mar 24, 2008, last review on May 8, 2014

  • Applies to:
  • Sphera


How to install Comodo Cetifacates with Sphera Apache Server


1. Request the certificate from Comodo for Apache+mod_ssl using /etc/httpd/conf/ssl.csr/server.csr file (this file created
by OpenSSL /mod_ssl/ VA installation).

2. From Comodo's reply get the certificate (file named .crt) and save it into the /etc/httpd/conf/ssl.crt/server.crt
(this file is already exists and we suggest to create a backup before overwriting) .

NOTE: while copying files, pay attention in case of transfer from Windows to use ASCII, and not binary mode in FTP !

3. From mail or Comodo site get the ca.txt (or ca.crt). This is "Comodo intermediate certificate" or "Comodo bundle certificate" as it named
on site. This file could be also grab from Comodo site

Put this file as /etc/httpd/conf/ssl.crt/ca-bundle.crt.

4. Open /etc/httpd/conf/httpd.conf file in editor and un-comment (remove leading '#' sign) or add following line:

SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt

5. Restart the apache httpd server ( /etc/rc.d/init.d/apachectl restart) .

6. Check the /var/log/httpd/error_log for errors. Open the site in browser with https:// <https:///> prefix. and check the /var/log/httpd/error_log again.

In case of errors in /var/log/httpd/error_log that are looks like this:


[Thu Oct 14 14:42:48 2004] [error] mod_ssl: Init: ( Unable to configure verify locations for client authentication (OpenSSL library error follows)

[Thu Oct 14 14:42:48 2004] [error] OpenSSL: error:02001002:system library:fopen:No such file or directory

[Thu Oct 14 14:42:48 2004] [error] OpenSSL: error:2006D002:BIO routines:BIO_new_file:system lib

[Thu Oct 14 14:42:48 2004] [error] OpenSSL: error:0E064002:configuration file routines:CONF_load:system lib

[Thu Oct 14 14:42:48 2004] [error] OpenSSL: error:0906D06C:PEM routines:PEM_read_bio:no start line [Hint: Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?]

[Thu Oct 14 14:42:48 2004] [error] OpenSSL: error:0B084009:x509 certificate routines:X509_load_cert_crl_file:missing asn1 eos


Ask server administrator to create the /usr/share/ssl/openssl.cnf file in VDS. This file could be taken from RedHat server or simple use this 'dummy' one:

#------- openssl.cnf dummy ---------------------------------

HOME = .


oid_section = new_oids



Also you can get help at link below:


5f478287f7e74fe9b07217d8131cd741 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF