Login to the WiDirect over SSH using username portal. Become the root user by running the command "su -".
First you will create the key file, and then the certificate signing request from that key file.

First generate key file:
openssl genrsa -out localhost.key 2048

Generate CSR:
openssl req -new -key localhost.key -out localhost.csr

To self-sign the key while you wait for the certificate the following command may all be used:
openssl req -new -x509 -nodes -sha1 -days 365 -key localhost.key > localhost.crt

Copy file from CSR file from the WiDirect. You can use a program such as WinSCP to connect to the widirect. Once you get the certificate, copy it using WinSCP to the portal directory.
Now make sure you're logged in as the root user (command su -)
Move the certificate to the proper place:
mv localhost.crt /etc/pki/tls/certs/localhost.crt

Move the key:
mv localhost.key /etc/pki/tls/private/localhost.key

Sometimes you may also be given a bundle file. If so, move that as well:
mv gd_bundle.crt /etc/pki/tls/certs

You need to modify the ssl configuration file to use the bundle file if given one:
emacs /etc/httpd/conf.d/ssl.conf
There is a line that looks like this:
#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
Needs to be changed to this:
SSLCACertificateFile /etc/pki/tls/certs/gd-bundle.crt


Then type "service httpd restart" to restart the web service. If there are any errors it is critical that they be fixed.