Wednesday, 8 November 2017

Generate SSL Certificate

We can create temporary SSL certificate:
1.Select Domain info in the Domain Settings menu given in the left menu.
2. Click the Edit icon in the Web Service field.
3. Scroll the form to locate section with SSL.
4. Toggle the ON/OFF button to enable the SSL.
5. Agree to charges, if any.
6. Click the link at the top of the form that appears
Generate a temporary SSL certificate and certificate request
7. On the page that appears, confirm your details by clicking the Submit button.
8. These data will be used to generate the certificate. Don't make changes to the data if you are not sure about the purpose of these changes.

SSL Certificate Signing request. It includes the details that you submitted on the previous step. Use this request if you want to get a permanent SSL certificate from a trusted Certificate Authority, such as Thawte and VeriSign .
2. SSL Server Private Key. This is the secret key to decrypt messages from your visitors. It must be stored in a secure place where it is inaccessible to others. Don't lose this key, you will need it if you get a permanent certificate.
3. Temporary SSL Certificate. It validates your identity and confirms the public key to assure the visitors that they are communicating with your server, not any other party.

To use the SSL key and certificate that you already have, for that:
1. Select Domain info in the Domain Settings menu.
2. From the web options section, Click the Edit icon in the Web Service field.
3. You need to enable SSL, for that Scroll the form with a list of options until you locate section with SSL. This is a Toggle the ON/OFF button to enable the SSL. Agree to charges, if any.
4. Enter the SSL Server Private Key and SSL Certificate in the boxes that appear.
5. In the Site Name field, choose whether you want to secure with or without the www prefix. Only one option will work correctly. For instance, if you choose to secure http://www.cpwebhosting.com, your visitors will get security warnings when they go to http://cpwebhosting.com.
2. Click on the Submit button. Your site is now secured.


If your certificate is about to expire, you must do the following:

1. Find the certificate signing request (CSR) that you saved when acquiring the old certificate.
2. Go to your certificate authority and choose to renew the certificate. When requested, enter the CSR.
3. After the permanent SSL Certificate has been generated, save it to a secure location.
4. From the left menu select the domain info from the domain settings.
5. Click the Edit icon in the Web Service field.
6. Go to the Web Service page and click the Edit icon in the SSL field.
7. Enter the certificate into the upper box of the form that opens ("Install Certificate based on previously generated Certificate request"):
8. Enter the certificate into the upper box of the form that opens and click Upload.

To install a certificate and key on the site and gets the following error: Invalid certificate format, file: server.key

To install your certificate and key on your site, you need to remove encryption and enter it in clear-text format. Encryption can be removed with the OpenSSL utility of Unix Shell on any Unix server where OpenSSL utilities pack is installed, for example on the Control Panel box.

1. Put you encrypted Private Key into a separate file and save it as server_old.key
2. In Unix Shell, execute the following command: openssl rsa -in server_old.key -out server.key
3. Enter the password when prompted.
4. A new file (server.key) will be generated. It will contain the Private Key in a plain text format.

No comments:

Post a Comment