This is an old revision of the document!
GeoTrust Certificates
We have a wildcard certificate for *.surfrock66.com which is used on the actual PlusPlus Hosted www.surfrock66.com site, and is used in the house on any services which are accessible at *.surfrock66.com. Each year, we must purchase it as an add-on to the business hosted package ($140/year), then submit a ticket to PlusPlus Hosting for them to provide a copy of the certificate as a .crt and the key as a .key. They will attach it to the ticket, then after you download it, remove it.
We download the files to sr66-hda at /home/surfrock66/Projects/SSL with the name “wildcard.surfrock66.com.YYYY.EXT” with YYYY as the current year, and EXT as the file extension.
The .crt file needs to be copied to “/etc/ssl/certs/wildcard.surfrock66.com.crt” and the .key needs to be copied to “/etc/ssl/private/wildcard.surfrock66.com.key”. This will apply to all apache sites, and apache needs to be restarted with “systemctl restart apache2”.
Servers that have the wildcard cert and need to be updated when it is renewed: