Instructions for Installing a Verisign Step-Up Certificate


Please print out these instructions and follow them carefully. Then, you can start enjoying the benefits of 128 bit secure, authenticated communication with your customers. YOU WILL NEED TO INSTALL BOTH CERTIFICATES for your server to properly initiate 128 bit sessions with browsers: When you receive your global ID from VeriSign, you will also need to install an Intermediate CA that can be obtained by clicking here http://www.verisign.com/cus/srv/install/intermediate/v00g.html These certificates should look like this: 

> -----BEGIN CERTIFICATE-----

> XnXnLGataMJyfTgVzxtGekXbxLAK0XPMKq7iDPRa4VwIAM0DuhoX7ssIdRxPMr73

> [...]

> 2QqDUTdkdTq3sFJTJ7+cTUGjdPPHOm2JtqGJH1SE8UVXUTOLMEyVHXbH9eOFZoJ6

> Izn3eOUvbto9eu3pI3eyFL95bb/Dj0JKVQ==

> -----END CERTIFICATE-----


You will need to install both certificates for your server to properly initiate 128 bit sessions with browsers:

    TO INSTALL THE INTERMEDIATE CA CERTIFICATE

    Get Intermediate CA Here

  1. In the Web Server Admin Server, choose the Servers Tab, and choose Manager Server link.
  2. Select the appropriate server and click on Manage. Choose Security Tab and from the side panel menu on the left frame, select the "Install Certificate" option.
  3. On the "Install a Server Certificate" frame, do the following:
    1. Select the "Server Certificate Chain" radio button
    2. Under certificate name type in "VeriSign International Server CA - Class 3"
    3. Select the "Message text (with headers)" radio button.
    4. select (highlight) the certificate marked as the INTERMEDIATE CA CERTIFICATE, including the two lines labeled "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" and copy them onto the clipboard. Cut and paste the Intermediate CA from the following location: http://www.verisign.com/cus/srv/install/intermediate/v00g.html
    5. In the Admin server's "Message text (with headers)" frame, paste the copied information from the clipboard into the space provided. Click OK
    6. Click add certificate on the page where the cert profile is shown
    7. There should be some processing and a statement saying that the server which utilizes this information must be shutdown and restarted. Again, don't shutdown and restart the server until the steps below are completed.
    8. Continue below


    NOW INSTALL THE SIGNED CERTIFICATE:
  4. Click install certificate
  5. In the "Install a Server Certificate" frame, do the following:
    1. Select the "This Server" radio button
    2. Select the "Message text (with headers)" radio button.
    3. Go to your VeriSign email with the cert included. In the email window, select (highlight) the certificate marked as the SERVER SUBSCRIBER CERTIFICATE, including the two lines labeled "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----", and copy it onto the clipboard.
    4. In the Admin server's "Message text (with headers)" frame, paste the copied information from the clipboard into the space provided. Click OK
  6. Click add certificate on the page where the cert profile is shown
  7. There should be some processing, and a statement saying that the server which utilizes this information must be shutdown and restarted. However, it is not necessary to restart the server until all the steps below have been completed.


Turning On Encryption
  1. Click on the Preferences Tab in the server manager
  2. Click on Encryption On/Off
  3. In Encryption On/Off window, click the ON radio button.
  4. Choose your port number (default is port 443)
  5. Click OK.
  6. Click Save and Apply changes
  7. Finally, the server should then be shutdown and restarted.