Moving your Custom SSL Certificate
	If you are moving your secure Web site from one server to another, there are a few specific things you need to be aware of in order for the certificate to work on the new server.
	Changing Operating Systems
	Digital certificates work differently with different operating systems and Web Server software. Because of this, a certificate generated for a Windows 2000 server running the IIS Web server does not work on a UNIX server running Apache. Likewise, a UNIX server running Netscape Web Server can not use a certificate designed to run on a UNIX server running Apache. All the Virtual Private Servers run a variant of Apache on a UNIX platform, however, which means that if you are moving from one Virtual Private Server to another, the certificate will probably work. If your current certificate is not compatible with your new server, you will need to obtain a certificate for the new operating system and Web server. Most Certificate Authorities will issue a transfer certificate at a lesser cost than obtaining a new certificate. When transferring your certificate to a Virtual Private Server, be sure to get a certificate for Apache with SSL, openssl, or ModSSL (these are all the same thing, although different Signing Authorities may use slightly different names). The Signing Authority will provide you with instructions on how to install a Transfer Certificate.
	Moving a Certificate to a New Server
	If your current certificate is compatible with the server you are moving your secure Web site to, you do not need to get a new certificate. Simply move your certificate to the new server and ensure that it works. Set up SSL on the new server If you have not already done so, make sure that the new server has SSL running on it. Copy the Certificate to the New Server Using FTP or another method, copy the certificate and Private Key files to the new server. Both the certificate and the key are stored in the ~/etc/ directory of the Virtual Private Server. The certificate should be in a file named ssl.cert, and the key should be in the ssl.pk file. If you use FTP, be sure to copy the files to the new server as ASCII files. Make Sure your Private Key has been Decrypted It's a good idea to check your Private Key to make sure it has been decrypted. Use more or your favorite text editor to view the file. If your key has been decrypted, you should not see the following lines before the encoded elements of the key. Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,BCC23A5E16582F3D If your Private Key does have those lines near the beginning, run the following command to remove the encryption. % openssl rsa -in ssl.pk -out ssl.pk Restart Apache With the ~/etc/ssl.pk in place and decrypted, and the ~/etc/ssl.cert in place on your Virtual Private Server, run the restart_apache command to restart your Web server so that it will use the new certificate. If you have trouble getting your certificate to work, check the Digital Certificate Troubleshooting Guide for help. You are also welcome to Contact our Support Staff for help.