SSL Certificates

From Hostek.com Wiki
Revision as of 17:27, 13 April 2015 by Seanc (Talk | contribs)

Jump to: navigation, search


What Is An SSL Certificate?

A SSL certificate encrypts the data that is sent over your website so that a third party cannot view it and exploit it. SSL certificates are typically used on sites that need to accept credit card information or any other type of sensitive data that you do not want exposed.

When to use an SSL Certificate

You would want to use an SSL certificate when your web page is collecting person information or if you are requesting a password. This provides an added layer of security for your visitors.

Ordering an SSL Certificate

  1. Login to your client billing area (https://cp.hostek.com).
  2. Click Services and then Order New Service.
  3. Find where it says Choose Another Category and click it and select SSL Certificates.
  4. Find the Certificate you would like to order and click 'Order Now'.
  5. Fill in the necessary information in the text boxes accurately, then click 'Update Cart'.
  6. Once the order is complete, our Support Team will process the installation of your Certificate.

You will be contacted via Email/Phone, if needed, for any further information.

  • Please note that we will need to send the SSL approval email to one of the following email addresses:
    1. admin@your-domain-name.com
    2. administrator@your-domain-name.com
    3. webmaster@your-domain-name.com
    4. hostmaster@your-domain-name.com
    5. postmaster@your-domain-name.com

(These are the only email addresses we can send the approval email.)

Installing SSL in WCP

  1. Log in to the WCP at http://wcp.hostek.com
  2. Click on "Dedicated SSL" under the "Security and SSL" heading
  3. Click "Generate Certificate Request"
  4. Fill out the required information for the SSL certificate and click "Save"
  5. Provide the generated CSR code to your SSL provider (if you ordered the SSL from us we'll take care of the following steps for you)
  6. Once you have received the SSL certificate back from your SSL provider you'll need to paste the SSL code into the "Signed Certificate" text box and click "Save"
  7. Select your site from the drop-down menu and click "Save"
    NOTE: If your site does not have a Static IP set, you will need to contact support to have it enabled.

Installing SSL in cPanel

  1. Log into your cPanel. For example:http://yourdomainhere.com/cpanel
  2. Click on "SSL/TLS Manager" under the "Security" heading
  3. Click on "Generate, view, upload, or delete your private keys" under "Private Keys (KEY)"
  4. Select your domain name from the drop-down menu under "Generate a New Key", select "2,048 bits" and click "Generate"
  5. Click "Return to SSL Manager"
  6. Click "Generate, view, or delete SSL certificate signing requests" under "Certificate Signing Requests (CSR)"
  7. Fill out the required information for the SSL certificate and click "Generate"
  8. Provide the generated CSR code to your SSL provider (if you ordered the SSL from us we'll take care of the following steps for you)
  9. Click "Return to SSL Manager"
  10. Once you have received the SSL certificate back from your SSL provider you'll need to paste the SSL code into the "Upload a New Certificate" text box and click "Upload".
  11. Click "Setup a SSL certificate to work with your site" under "Activate SSL on Your Web Site (HTTPS)"
  12. Select your domain from the drop-down list. The "Certificate", and "Key" text boxes should automatically fill in with the information for your SSL.
  13. Click "Install Certificate"

Transferring a SSL from IIS[Windows] to cPanel[Linux]

  • These steps provide a way for you to convert your SSL relatively painless.
  1. Export the Certificate [from IIS] to a .pfx file
  2. Go to this URL and convert the .pfx file to a .pem file:
    1. https://www.sslshopper.com/ssl-converter.html
  3. Open the .pem file in Notepad [or a program like it] and Copy the Private Key section
  4. Install the SSL through the Upload File option [in cPanel]
    1. It will have the title of "Choose a certificate file (*.crt)."
  5. You'll want to delete the CA Bundle area, and then Paste the Private Key that you had previously copied
  6. Finish the install, and it should work just fine for you.

Installing a third-party SSL Certificate

  • Having trouble with your SSL? Despite the fact that you have a third-party SSL, you will still need to order a Static/Dedicated IP Address. (Please refer to: Ordering a Dedicated/Static IP Address)
  • If you have purchased or already own a 3rd-party SSL Certificate, here is how to install it.
  1. Log in to the WCP at https://wcp.hostek.com/
  2. Click on "Dedicated SSL" under the "Security and SSL" heading
  3. Click "Generate Certificate Request" (CSR)
  4. Fill out the information required for the SSL Certificate and click "Save"
  5. Provide the CSR code [that you have just generated] to your SSL provider
  6. Once you have received the SSL Certificate (e.g. .pfx, .crt, .cer, etc.) back from your SSL provider you'll need to follow these sub-steps:
    1. Go to the Dedicated SSL button
    2. Click on the Pencil icon next to the CSR that you previously created
    3. Paste the SSL code [commonly found in your .crt or .cer file] into the "Signed Certificate" text box and click "Save"
  7. Select your site from the drop-down menu and click "Save"
  • Notice: If your site does not have a Static IP Address setup already, you will need to follow the steps below to order one from us.

Ordering a Dedicated/Static IP Address

  1. Login to your Client Area https://cp.hostek.com/
  2. Go to Services
  3. Click on Order New Services
  4. Select the CATEGORY (located at near the top of the page) Dedicated ip Address
  5. Click on the Order Now button located on the Dedicated ip Address product
    1. You can flag which domain this is for in the order form
  • Notice: If you host your DNS Records elsewhere, you will need to update the A Records.
    1. This is done wherever your DNS Records are being hosted (commonly at the Registrar), you'll need to point to the new IP Address our team will supply to you after your order.

Do You Support SSL 3.0?

Due to the POODLE vulnerability in SSL 3.0, we no longer support it. With the releases of TLS 1.0 and 1.2, modern browsers do not use SSL 3.0 anymore and use these more secure protocols.