private key and HTTPS! Now what?

I’m trying to set up a port on B2B Server 4.0.1 to listen for HTTPS but I understand that I need a private key. I downloaded the Certificate Toolkit 1.0 and generated a private key but when I try to enable the port I keep getting:

Failed to start HTTPSListener@9669: config/cert.der (No such file or directory)

“config/cert.der” is NOT the key I generated. The value seems to be coming from the Outbound SSL Certificates | Server’s Private Key setting. However I have also changed that to point to the new private key file that I generated.

Do I need to restart the B2B server for the changes to take effect?

Do I first need to submit the private key to CA or VeriSign? I’m working in a dev/test environment just to set up a proof-of-concept.

In order to configure an HTTPS port, you will need to:

  1. Generate a private key (you can use the Certificate Toolkit)
  2. Generate a certificate signing request (you can use the Certificate Toolkit)
  3. Use the CSR to procure a digital certificate (e.g. from Verisign) or create a self-signed certificate.
  4. Convert the digital certificate and signing CA certificate to DER format (you can use the Certificate Toolkit)

I recommend the wM Administrator’s guide and Security Best Practices handbook for more detailed information. The following website also contains a nice introduction to SSL:

http://developer.netscape.com/docs/manuals/security/sslin/contents.htm
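
The four steps above for a dev/test listener, as an added example that is not part of the original reply: it uses the OpenSSL command line in place of the Certificate Toolkit and self-signs the certificate. The function names, file names and hostname are assumptions chosen for illustration, not names the B2B Server requires.

```shell
#!/bin/sh
# Added example: OpenSSL stands in for the Certificate Toolkit.
# File names (privkey.pem, request.csr, cert.pem, cert.der) are constructed.

make_dev_cert() {
    # $1 = output directory, $2 = hostname to place in the certificate CN
    dir=$1; host=$2
    mkdir -p "$dir" || return 1

    # Step 1: private key, created with owner-only permissions.
    ( umask 077; openssl genrsa -out "$dir/privkey.pem" 2048 2>/dev/null ) || return 1

    # Step 2: certificate signing request built from that key.
    openssl req -new -key "$dir/privkey.pem" -subj "/CN=$host" \
        -out "$dir/request.csr" || return 1

    # Step 3: self-sign the CSR (dev/test only; a CA would sign it otherwise).
    openssl x509 -req -in "$dir/request.csr" -signkey "$dir/privkey.pem" \
        -days 30 -out "$dir/cert.pem" 2>/dev/null || return 1

    # Step 4: convert the certificate to DER. A self-signed certificate is
    # its own signer, so the same file also serves as the signing CA cert.
    openssl x509 -in "$dir/cert.pem" -outform DER -out "$dir/cert.der" || return 1
}

key_matches_cert() {
    # $1 = private key (PEM), $2 = certificate (DER)
    # Succeeds only when both carry the same public key, which catches a
    # listener configured with a key and certificate from different pairs.
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    c=$(openssl x509 -inform DER -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# Usage (hostname is a placeholder):
#   make_dev_cert ./devcerts b2b-dev.example.test
#   key_matches_cert ./devcerts/privkey.pem ./devcerts/cert.der && echo "pair OK"
```
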