The cert for nodus has been renewed for another 2 years.
The following is the basic procedure for getting a new cert: (Note certs are only good for two years as of 2018)
openssl req -sha256 -nodes -newkey rsa:2048 -keyout nodus.ligo.caltech.edu.key -out nodus.ligo.caltech.edu.csr
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:CaliforniaLocality Name (eg, city) :Pasadena
Organization Name (eg, company) [Internet Widgits Pty Ltd]:California Institute of Technology
Organizational Unit Name (eg, section) :LIGO
Common Name (eg, YOUR name) :nodus.ligo.caltech.edu
Leave the e-mail address, challenge password and optional company name blank. A new private key will be generated.
chown root nodus.ligo.caltech.edu.key
chgrp root nodus.ligo.caltech.edu.key
chmod 0600 nodus.ligo.caltech.edu.key
The nodus.ligo.caltech.edu.csr file is what is sent in for the cert.
This file should be sent to either email@example.com or firstname.lastname@example.org and copy email@example.com.
A URL llink with the new cert to be downloaded will be sent to the requestor.
Once the files are downloaded, the new cert and intermediate cert, they can be copied and renamed.
The PEM-encoded host certificate by itself is saved at:
The nodus.ligo.caltech.edu.key file should be in the same directory or whichever directory is indicated in the ssl.conf located in /etc/httpd/conf.d/ directory.
httpd will need to be restarted in order for it to see the new cert.