== copied from my wiki [0] ===


06/04/25 : Renew SSL certificate

Same procedure as before Download "Certificate" -> signed.crt

Download "Intermediate Certificate" -> ca.pem Upload via WinSCP to
VPS 

Copy old /usr/local/ssl/signed.crt -> signed.crt.old 

Copy old /usr/local/ssl/ca.pem -> ca.pem.old Copy new files into
/usr/local/ssl 

Restart Apache 

There were 2 "Intermediate Certificate" for download from Fast
Hosts...

I used the one named 7D5B5126B476BA11DB74160BBC530DA7.cer 

This is the same as the one used when I renewed YaddNet.org SSL
YaDDNet : VPS SSL Renewal 

It seems that the intermediate certificate is not unique to the
domain being secured, it's a certificate that verifies the identity
of the authenticator of the domain's SSL certificate.

##################################################################

UPDATE ON "TWO INTERMEDIATE CERTIFICATES" :  5/7/25

I've discovered that the 2 Intermediate Certificates are necessary
to complete the chain of authority.

What should be done is to join them together into one ca.pem file
(and in the correct order... )


cat intermediate1.cer intermediate2.cer > ca.pem

 
[root@wiki:/home/g4slv/ssl]# cp ca.pem /usr/local/ssl
 
[root@wiki:/home/g4slv/ssl]# systemctl restart apache2



[0] https://g4slv.info