Difference between revisions of "SSL Certificates"

From Hostek.com Wiki
Jump to: navigation, search
(Do You Support SSL 3.0?)
(Installing a third-party SSL Certificate)
 
(6 intermediate revisions by 4 users not shown)
Line 16: Line 16:
  
 
You will be contacted via Email/Phone, if needed, for any further information.
 
You will be contacted via Email/Phone, if needed, for any further information.
 +
 +
*Please note that we will need to send the SSL approval email to one of the following email addresses:
 +
*#admin@your-domain-name.com <br>
 +
*#administrator@your-domain-name.com <br>
 +
*#webmaster@your-domain-name.com <br>
 +
*#hostmaster@your-domain-name.com <br>
 +
*#postmaster@your-domain-name.com <br>
 +
 +
(These are the only email addresses we can send the approval email.)
  
 
==Installing SSL in WCP==
 
==Installing SSL in WCP==
Line 24: Line 33:
 
#Provide the generated CSR code to your SSL provider (if you ordered the SSL from us we'll take care of the following steps for you)
 
#Provide the generated CSR code to your SSL provider (if you ordered the SSL from us we'll take care of the following steps for you)
 
#Once you have received the SSL certificate back from your SSL provider you'll need to paste the SSL code into the '''"Signed Certificate"''' text box and click '''"Save"'''
 
#Once you have received the SSL certificate back from your SSL provider you'll need to paste the SSL code into the '''"Signed Certificate"''' text box and click '''"Save"'''
#Select your site from the drop-down menu and click '''"Save"'''<br />'''NOTE:''' If your site does not have a Static IP set, you will need to contact support to have it enabled.
+
#Select your site from the drop-down menu and click '''"Save"'''<br />
  
 
==Installing SSL in cPanel==
 
==Installing SSL in cPanel==
 +
 +
====Generate a Private Key====
 
#Log into your cPanel. For example:<nowiki>http://yourdomainhere.com/cpanel</nowiki>
 
#Log into your cPanel. For example:<nowiki>http://yourdomainhere.com/cpanel</nowiki>
#Click on '''"SSL/TLS Manager"''' under the '''"Security"''' heading
+
#Under the "Security" section, click on the <code>SSL/TLS Manager</code> button.
#Click on '''"Generate, view, upload, or delete your private keys"''' under '''"Private Keys (KEY)"'''
+
#Under "Private Keys (KEY)", click on the <code>Generate, view, upload, or delete your private keys.</code> link.
#Select your domain name from the drop-down menu under '''"Generate a New Key"''', select '''"2,048 bits"''' and click '''"Generate"'''
+
#Select your domain name from the drop-down menu under "Generate a New Key", select '''2,048 bits-0''' and click the <code>Generate</code> button.
#Click '''"Return to SSL Manager"'''
+
#Click on <code>Return to SSL Manager</code> at the bottom of the page.
#Click '''"Generate, view, or delete SSL certificate signing requests"''' under '''"Certificate Signing Requests (CSR)"'''
+
====Generate a CSR====
#Fill out the required information for the SSL certificate and click '''"Generate"'''
+
#Log into your cPanel. For example:<nowiki>http://yourdomainhere.com/cpanel</nowiki>
 +
#Under the "Security" section, click on the <code>SSL/TLS Manager</code> button.
 +
#Under "Certificate Signing Requests (CSR)", click on the <code>Generate, view, or delete SSL certificate signing requests.</code> link.
 +
#Fill out the required information for the SSL certificate and click on the <code>Generate</code> button.
 
#Provide the generated CSR code to your SSL provider (if you ordered the SSL from us we'll take care of the following steps for you)
 
#Provide the generated CSR code to your SSL provider (if you ordered the SSL from us we'll take care of the following steps for you)
#Click '''"Return to SSL Manager"'''
+
#Click on <code>Return to SSL Manager</code> at the bottom of the page.
#Once you have received the SSL certificate back from your SSL provider you'll need to paste the SSL code into the '''"Upload a New Certificate"''' text box and click '''"Upload"'''.
+
====Install SSL====
#Click '''"Setup a SSL certificate to work with your site"''' under '''"Activate SSL on Your Web Site (HTTPS)"'''
+
#Log into your cPanel. For example:<nowiki>http://yourdomainhere.com/cpanel</nowiki>
#Select your domain from the drop-down list. The '''"Certificate"''', and '''"Key"''' text boxes should automatically fill in with the information for your SSL.
+
#Under the "Security" section, click on the <code>SSL/TLS Manager</code> button.
#Click '''"Install Certificate"'''
+
#Under "Certificates (CRT)", click on the <code>Generate, view, upload, or delete SSL certificates.</code> link.
 +
#Once you have received the SSL certificate back from your SSL provider you'll need to paste the Completed Certificate Text into the '''"Upload a New Certificate"''' box and click <code>Upload</code>
 +
#Click on <code>Return to SSL Manager</code> at the bottom of the page.
 +
#Under "Install and Manage SSL for your site (HTTPS)", click on the <code>Manage SSL sites.</code> link.
 +
#Under the "Install an SSL Website" section, click on the "Select a Domain" drop-down menu to select the domain that you wish to install an SSL for.
 +
#Click on the <code>Autofill by Domain</code> button.
 +
#Click on the <code>Install Certificate</code> button.
 +
#If there are any errors, you might need to add either a Private Key (KEY) or Certificate Authority Bundle: (CABUNDLE) to it. Otherwise, please contact support.
 +
 
 +
==Transferring a SSL from IIS[Windows] to cPanel[Linux]==
 +
 
 +
*These steps provide a way for you to convert your SSL relatively painless.
 +
 
 +
#Export the Certificate [from IIS] to a .pfx file
 +
#Go to this URL and convert the '''.pfx''' file to a '''.pem''' file:
 +
##https://www.sslshopper.com/ssl-converter.html
 +
#Open the .pem file in Notepad [or a program like it] and Copy the '''Private Key''' section
 +
#Install the SSL through the Upload File option [in cPanel]
 +
##It will have the title of '''"Choose a certificate file (*.crt)."'''
 +
#You'll want to delete the '''CA Bundle''' area, and then Paste the '''Private Key''' that you had previously copied
 +
#Finish the install, and it should work just fine for you.
 +
 
 +
==Installing a third-party SSL Certificate==
 +
 
 +
*If you have purchased or already own a 3rd-party SSL Certificate, here is how to install it.
 +
 
 +
#Log in to the WCP at https://wcp.hostek.com/
 +
#Click on '''"Dedicated SSL"''' under the '''"Security and SSL"''' heading
 +
#Click '''"Generate Certificate Request"''' (CSR)
 +
#Fill out the information required for the SSL Certificate and click '''"Save"'''
 +
#Provide the CSR code [that you have just generated] to your SSL provider
 +
#Once you have received the SSL Certificate (e.g. .pfx,  .crt,  .cer, etc.) back from your SSL provider you'll need to follow these sub-steps:
 +
##Go to the '''Dedicated SSL''' button
 +
##Click on the '''Pencil''' icon next to the CSR that you previously created
 +
##Paste the SSL code [commonly found in your '''.crt''' or '''.cer''' file] into the '''"Signed Certificate"''' text box and click '''"Save"'''
 +
#Select your site from the drop-down menu and click '''"Save"'''
 +
 
 +
==Ordering a Dedicated/Static IP Address==
 +
#Login to your Client Area https://cp.hostek.com/
 +
#Go to '''Services'''
 +
#Click on '''Order New Services'''
 +
#Select the CATEGORY (located at near the top of the page) '''Dedicated ip Address'''
 +
#Click on the '''Order Now''' button located on the '''Dedicated ip Address''' product
 +
##You can flag which domain this is for in the order form
 +
 
 +
*'''Notice:''' If you host your DNS Records elsewhere, you will need to update the A Records.
 +
*#This is done wherever your DNS Records are being hosted (commonly at the Registrar), you'll need to point to the new IP Address our team will supply to you after your order.
  
 
==Do You Support SSL 3.0?==
 
==Do You Support SSL 3.0?==
Due to the POODLE vulnerability in SSL 3.0, we no longer support it.
+
Due to the POODLE vulnerability in SSL 3.0, we no longer support it.  With the releases of TLS 1.0 and 1.2, modern browsers do not use SSL 3.0 anymore and use these more secure protocols.
  
  

Latest revision as of 18:30, 27 February 2018


What Is An SSL Certificate?

A SSL certificate encrypts the data that is sent over your website so that a third party cannot view it and exploit it. SSL certificates are typically used on sites that need to accept credit card information or any other type of sensitive data that you do not want exposed.

When to use an SSL Certificate

You would want to use an SSL certificate when your web page is collecting person information or if you are requesting a password. This provides an added layer of security for your visitors.

Ordering an SSL Certificate

  1. Login to your client billing area (https://cp.hostek.com).
  2. Click Services and then Order New Service.
  3. Find where it says Choose Another Category and click it and select SSL Certificates.
  4. Find the Certificate you would like to order and click 'Order Now'.
  5. Fill in the necessary information in the text boxes accurately, then click 'Update Cart'.
  6. Once the order is complete, our Support Team will process the installation of your Certificate.

You will be contacted via Email/Phone, if needed, for any further information.

  • Please note that we will need to send the SSL approval email to one of the following email addresses:
    1. admin@your-domain-name.com
    2. administrator@your-domain-name.com
    3. webmaster@your-domain-name.com
    4. hostmaster@your-domain-name.com
    5. postmaster@your-domain-name.com

(These are the only email addresses we can send the approval email.)

Installing SSL in WCP

  1. Log in to the WCP at http://wcp.hostek.com
  2. Click on "Dedicated SSL" under the "Security and SSL" heading
  3. Click "Generate Certificate Request"
  4. Fill out the required information for the SSL certificate and click "Save"
  5. Provide the generated CSR code to your SSL provider (if you ordered the SSL from us we'll take care of the following steps for you)
  6. Once you have received the SSL certificate back from your SSL provider you'll need to paste the SSL code into the "Signed Certificate" text box and click "Save"
  7. Select your site from the drop-down menu and click "Save"

Installing SSL in cPanel

Generate a Private Key

  1. Log into your cPanel. For example:http://yourdomainhere.com/cpanel
  2. Under the "Security" section, click on the SSL/TLS Manager button.
  3. Under "Private Keys (KEY)", click on the Generate, view, upload, or delete your private keys. link.
  4. Select your domain name from the drop-down menu under "Generate a New Key", select 2,048 bits-0 and click the Generate button.
  5. Click on Return to SSL Manager at the bottom of the page.

Generate a CSR

  1. Log into your cPanel. For example:http://yourdomainhere.com/cpanel
  2. Under the "Security" section, click on the SSL/TLS Manager button.
  3. Under "Certificate Signing Requests (CSR)", click on the Generate, view, or delete SSL certificate signing requests. link.
  4. Fill out the required information for the SSL certificate and click on the Generate button.
  5. Provide the generated CSR code to your SSL provider (if you ordered the SSL from us we'll take care of the following steps for you)
  6. Click on Return to SSL Manager at the bottom of the page.

Install SSL

  1. Log into your cPanel. For example:http://yourdomainhere.com/cpanel
  2. Under the "Security" section, click on the SSL/TLS Manager button.
  3. Under "Certificates (CRT)", click on the Generate, view, upload, or delete SSL certificates. link.
  4. Once you have received the SSL certificate back from your SSL provider you'll need to paste the Completed Certificate Text into the "Upload a New Certificate" box and click Upload
  5. Click on Return to SSL Manager at the bottom of the page.
  6. Under "Install and Manage SSL for your site (HTTPS)", click on the Manage SSL sites. link.
  7. Under the "Install an SSL Website" section, click on the "Select a Domain" drop-down menu to select the domain that you wish to install an SSL for.
  8. Click on the Autofill by Domain button.
  9. Click on the Install Certificate button.
  10. If there are any errors, you might need to add either a Private Key (KEY) or Certificate Authority Bundle: (CABUNDLE) to it. Otherwise, please contact support.

Transferring a SSL from IIS[Windows] to cPanel[Linux]

  • These steps provide a way for you to convert your SSL relatively painless.
  1. Export the Certificate [from IIS] to a .pfx file
  2. Go to this URL and convert the .pfx file to a .pem file:
    1. https://www.sslshopper.com/ssl-converter.html
  3. Open the .pem file in Notepad [or a program like it] and Copy the Private Key section
  4. Install the SSL through the Upload File option [in cPanel]
    1. It will have the title of "Choose a certificate file (*.crt)."
  5. You'll want to delete the CA Bundle area, and then Paste the Private Key that you had previously copied
  6. Finish the install, and it should work just fine for you.

Installing a third-party SSL Certificate

  • If you have purchased or already own a 3rd-party SSL Certificate, here is how to install it.
  1. Log in to the WCP at https://wcp.hostek.com/
  2. Click on "Dedicated SSL" under the "Security and SSL" heading
  3. Click "Generate Certificate Request" (CSR)
  4. Fill out the information required for the SSL Certificate and click "Save"
  5. Provide the CSR code [that you have just generated] to your SSL provider
  6. Once you have received the SSL Certificate (e.g. .pfx, .crt, .cer, etc.) back from your SSL provider you'll need to follow these sub-steps:
    1. Go to the Dedicated SSL button
    2. Click on the Pencil icon next to the CSR that you previously created
    3. Paste the SSL code [commonly found in your .crt or .cer file] into the "Signed Certificate" text box and click "Save"
  7. Select your site from the drop-down menu and click "Save"

Ordering a Dedicated/Static IP Address

  1. Login to your Client Area https://cp.hostek.com/
  2. Go to Services
  3. Click on Order New Services
  4. Select the CATEGORY (located at near the top of the page) Dedicated ip Address
  5. Click on the Order Now button located on the Dedicated ip Address product
    1. You can flag which domain this is for in the order form
  • Notice: If you host your DNS Records elsewhere, you will need to update the A Records.
    1. This is done wherever your DNS Records are being hosted (commonly at the Registrar), you'll need to point to the new IP Address our team will supply to you after your order.

Do You Support SSL 3.0?

Due to the POODLE vulnerability in SSL 3.0, we no longer support it. With the releases of TLS 1.0 and 1.2, modern browsers do not use SSL 3.0 anymore and use these more secure protocols.