The Mywebinterface.com control panel allows generatation SSL certificate requests for websites and the installation of the SSL certificate obtained from Certificate Authorities such as Verisign, Thawte, Komodo, and others. This is accomplished within the website's "Website Settings" tab under "Secure Website".

Many Certificate Authorities have been moved to the use of intermediary certificates, also called chain certificates, which allows browsers to ensure the authenticity of your website's SSL certificate. All browsers are shipped with a set of keys for a limited set of Certificate Authorities which provide this authentication. Distribution of keys for new Certificate Authorities is incredibly difficult. Thus these intermediary certificates are authenticated by the browser and thus anything which they authenticate will be valid as well.

Although the Mywebinterface.com control panel does not have a direct means of adding the chain certificate, it can still be accomplished with only 2 modifications to the normal installation procedure.

The first modification is that the chain certificate is appended to the site's SSL certificate when it is installed. Therefore the entry in the SSL certificate text box would appear similar to:

-----BEGIN CERTIFICATE-----
MIIEKjCCA5OgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBxTELMA kGA1UEBhMCLS0x
...
VSzHX3qMgtALXAfqCUFvoc=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
BxDNPZXGBcJoIvU6k7Gh3r/xNyb5pt39h/GvKFu8ldCwiqnH9btWN1hiFTnku3y4
...
Uz5MarG9+4VAS8=
-----END CERTIFICATE-----

Once this certificate is uploaded to the server, you'll need to configure Apache to use the chain certificate appended to the SSL certificate. This is done by clicking on the "Custom Settings" tab and add the following line, replacing domain.com with the domain name of the site:

SSLCertificateChainFile /etc/httpd/conf/ssl.crt/domain.com.hspc.crt

The SSL certificate should now be active, although a restart of Apache may sometimes be required.