This is an old revision of the document!
We get our SSL certs from startcom via a level2 personal validation.
Certs cover:
servername.country.afternet.org *.afternet.org afternet.org (built in by startcom)
Then you decrypt the key:
openssl rsa -in ssl.key -out ssl.key
Then they must be combined into a .pem file:
cat server.key server.crt startcom-ca-bundle.pem startcom-ca.pem > ircd.pem
cat server.key startcom-sub.class2.server.ca.pem > ircd.pem