1. Prerequisites:

• Credentials (Guide:Link)
• SSL/TLS enabled on your Apache server (Guide: Link)
• TZ-preconfigured ACME Pro client (Guide:Link)
• Pre validated domain (Guide:Link)

2. Start by creating a batch file. We do this by opening an empty notepad document.
Paste this into the document: [[net stop “Apache2.4” & sc start “Apache2.4”]]

Tip: This is just a simple script that will restart your apache server automatically, whenever a new certificate is ordered.

3. Click “Save as”
Navigate to the “scripts” folder inside your simple-acme folder.
Name the file “RestartApache.bat“
Important: Change the “Save as type” to “All Files (*.*)“

4. Open your simple-acme folder and run WACS.exe as administrator

Tip: You can order a certificate without administrator rights, however the client cannot create a scheduled task for automated renewal, without administrator rights.

5. Select option “M” in order to create a new certificate with full options available.

6. Select option “2“, to manually enter host names.

7. Input your domain name, e.g. “trustzone.com“
For wildcards: “*.trustzone.com,trustzone.com“

8. The client will ask for a friendly name. We usually leave this blank, so just hit “enter“

9. In this step we select option “4“, to create a single certificate

10. In this step we select how we would like to validate our ownership. Since this guide is for pre-validated domains, we select option “9“.

Tip: If you need help on pre-validation, refer to the “Prerequisites” section in the top of this guide.

11. Here we select option “2” to use RSA public/private key pair.

If your system require ECC certificates, you can contact us atsupport@trustzone.com

12. As we want .pem files for our Apache server we select option “4“.

13. Next we have to specify where we want the certificate to be stored. In our case we use this path: [[C:\Apache24\conf]]

Tip: If you need assistance in enabling SSL for your apache server, and in turn where the certificate needs to be stored, refer to the “Prerequisites” section in the top of this guide.

14. The client now asks for a password, in our case we select option “1” to leave it without a password.

15. Select option “6“, for no additional store steps.

16. In order to use the small script we created earlier, we want to select option “2“, to run an external script every time acme renews the certificate.

17. Input the path to the script we made earlier e.g. “[[C:\simple-acme.v2.3.3.2009.TZ-Configured\Scripts\RestartApache.bat]]”

18. Since our script doesn’t use any parameters, just hit enter when prompted for “Parameters”

Tip:
In the screenshot, we pass some parameters. You do NOT need to do this.

19. Select option “3” for no additional installation steps.

20. Now it’s time to review the terms of service. If you do not wish to view them, but still accept them, press “n” and then “y“.

21. Input your credentials.

Tip: If you need assistance in finding your credentials, please refer to the “Prerequisites” section in the top of this guide.

22. If you have a specific user you want the task to run as, select “y“.
In our case, we are using the standard user, so we select “n“.

23. Done! Now its time to check your domain and see if the certificate is updated.