Is it 'postive' or 'positive'?
Positive has official guide for you: http://www.positivessl.com/ssl-certific … he-ssl.php

Search our forum will give you more references:
https://www.google.com/search?client=sa … p;oe=UTF-8

Unix doesn't care about file extensions. Someone use '.pem' as cert file, but someone use '.crt' instead. I believe the '.crt' is the same as  '.pem' in our case.

This is error I am getting SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

So I need to know what I need to do to fix this issue.

I have followed there faq and I need to know what files to replace with yours with theres?

#   A self-signed (snakeoil) certificate can be created by installing
    #   the ssl-cert package. See
    #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
    #   If both key and certificate are stored in the same file, only the
    #   SSLCertificateFile directive is needed.
    SSLCertificateFile /etc/ssl/certs/iRedMail_CA.pem
    SSLCertificateKeyFile /etc/ssl/private/iRedMail.key

    #   Server Certificate Chain:
    #   Point SSLCertificateChainFile at a file containing the
    #   concatenation of PEM encoded CA certificates which form the
    #   certificate chain for the server certificate. Alternatively
    #   the referenced file can be the same as SSLCertificateFile
    #   when the CA certificates are directly appended to the server
    #   certificate for convinience.
    #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt

this is what default SSL is on and from what PositiveSSL is showing:

from there website:
Step two: Install the Intermediate Certificate
You will need to install the Intermediate CA certificates in order for browsers to trust your certificate. The Intermediate CA certificates are contained within the 'ca-bundle' file that was attached to your email in the *.zip file we sent you (this should be named 'yourSERVERNAME.ca-bundle'), or click to download the PositiveSSL ca-bundle file

In the relevant 'Virtual Host' section for your site, you will need to do the following to get this file correctly referenced:

a. First, copy the 'yourSERVERNAME.ca-bundle' file to the same directory as the certificate and key files. As a reminder, in this example we called the directory '/etc/ssl/crt/'.

b. Next, add the following line to the SSL section of the 'httpd.conf' file. Again we assume that '/etc/ssl/crt/' is the directory to where you have copied the intermediate CA file. If the line already exists amend it to read the following:

    SSLCertificateChainFile /etc/ssl/crt/yourSERVERNAME.ca-bundle

c. If you are using a different location and different certificate file names, you will need to change the path and filename to reflect the path and filename that you are using. The SSL section of the updated config file should now read:

   SSLCertificateFile /etc/ssl/crt/yourDOMAINNAME.crt
   SSLCertificateKeyFile /etc/ssl/crt/private.key
   SSLCertificateChainFile /etc/ssl/crt/yourSERVERNAME.ca-bundle

d. Save your 'config' file and restart Apache.

do I place this info on httpd.conf or replace the files inside of /etc/apache2/default-ssl    ?