204 | | When you receive the signed certificate copy it into `/etc/ndg/ows_server/conf/certs/discovery.crt`. |
| 204 | When you receive the signed certificate copy it into `/etc/ndg/ows_server/conf/certs/discovery.crt`. Once you have the certificate, the certificate request file `discovery.csr` can be removed. |
| 205 | |
| 206 | The new certificate and private key should be referenced in the discovery config file as follows: |
| 207 | {{{ |
| 208 | # WS-Security signature handler |
| 209 | # This is an application certificate ... (which may be a machine certificate) |
| 210 | # X.509 certificate sent with outbound signed messages |
| 211 | wssCertFilePath: /etc/ndg/ows_server/conf/certs/discovery.crt |
| 212 | |
| 213 | # Private key used to sign messages |
| 214 | # This is an application certificate ... (which may be a machine certificate) |
| 215 | wssKeyFilePath: /etc/ndg/ows_server/conf/certs/discovery.key |
| 216 | |
| 217 | # Password for private key - comment out if the file is not password protected |
| 218 | wssKeyPwd: password |
| 219 | }}} |
| 220 | |
| 221 | In the above replace `password` with the password you set to protect the private key. If no password was set leave this field blank. |