Content

• Steps

SSL certificates (short for Secure Socket Layer) are the way websites and services are authenticated to encrypt data sent between them and customers. SSL can also be used to verify that you're connected to the correct service you want (for example, am I actually logged into your email service provider or is this just a phishing copy?). If you are providing a website or service that requires a secure connection, it may be necessary to install an SSL certificate to verify your trustworthiness. Check out the following article to learn how.

Steps

Method 1 of 4: use Microsoft Internet Information Services (IIS)

1. 

   Initialize the CSR authentication request code (short for Certificate Signing Request). Before you can purchase and install an SSL certificate, you need to generate a CSR code on your server. This file contains the public and server key information, and is essential for the initialization of a private key. You can generate CSR code in IIS 8 in just a few clicks:
   • Open Server Manager.
   • Click Tools and select Internet Information Services (IIS) Manager.
   • Select the client on which you are installing the certificate below the Connections list.
   • Open the Server Certificates tool.
   • Click the Create Certificate Request link in the upper-right corner, below the Actions list.
   • Fill out the Request Certificate wizard. You will need to enter a two-digit country code, state or province, city or town name, full company name, industry name (for example, IT or Marketing), and website address (often called name domain).
   • Leave the “Cryptographic service provider” field as default.
   • Set "Bit length" to "2048".
   • Name the certificate request file. It doesn't matter what the filename is, as long as you can find it back in your archive.

2. 

   
   
   Purchase an SSL certificate. There are a variety of online services that offer SSL certificates. You need to choose a reputable service to ensure the safety of the website itself and all customers. Popular services include: DigiCert, Symantec, GlobalSign, and so on. The most suitable service will depend on your needs (multiple certifications, enterprise solutions, etc.).
   • You need to upload a CSR file to a certificate service. This file will be used to initiate a certificate for your server. Providers often ask us to upload files, some other services just copy the content of the CSR file.

3. 

   
   
   Download the certificate. The Intermediate Certificate needs to be downloaded from the service from which you purchased the certificate. The Primary Certificate will be sent to you via email or the client area of ​​the website.
   • Rename the primary certificate to "tenntrangweb.cer".

4. 

   Open the Server Certificates tool in IIS again. Here, click on the “Complete Certificate Request” link below the “Create Certificate Request” link that you clicked to initialize the CSR.

5. 

   
   
   Browse for the certificate file. After you've located the file on your computer, you'll need to give the file a close name in order to easily recognize the certificate on the server. Save the certificate in the personal store “Personal”, then click OK to install the certificate.
   • The certificate will appear in the list. If you don't see it, make sure you are using the same server where you generated the CSR code.

6. 

   Associate the certificate with the website. Now that the certificate has been installed, proceed to link to the website you want to protect. Expand the “Sites” folder in the Connections list and click on the website to be protected.
   • Click the Bindings link in the Actions list.
   • Click the Add button in the Site Bindings window that appears.
   • Select “https” from the “Type” drop-down menu, then select the installed certificate from the “SSL certificate” drop-down menu.
   • Click OK and then select Close.

7. 

   Install an Intermediate intermediate certificate. Find an intermediate certificate that you have downloaded from your service provider. Some services provide only one certificate that needs to be installed, others offer more. Copy these certificates to a dedicated directory on the server.
   • After the certificate has been copied, you need to double-click it to open Certificate Details.
   • Click the General tab. Click the "Install Certificate" button at the bottom of the window.
   • Select “Place all certificates in the following store” and then browse to the local store. You can search for local stores by checking the “Show physical stores” box, then selecting Intermediate Certificates and then clicking Local Computer.

8. 

   Restart IIS. Before you start distributing your certificate, you need to restart your IIS server. To restart IIS, click Start and select Run. Enter the command "IISREset" and press Enter.The Command Prompt will appear and show the restart status of IIS.

9. 

   Certificate check. Use different web browsers to check if the certificate is working properly. Connect to your website using the protocol "https: //" to force SSL connection. A padlock icon will appear in the address bar, usually on a green background. advertisement

Method 2 of 4: Using Apache

1. 

   Initialize the CSR code. Before you can purchase and install an SSL certificate, you need to generate a CSR code on your server. This file contains the public and server key information, and is essential for the initialization of a private key. You can generate CSR code directly from the Apache command line:
   • Start the OpenSSL utility. You can find it at / usr / local / ssl / bin /
   • Create a key pair by entering the following command:
   • Create passphrase. You will enter this passphrase every time you interact with the key pair.
   • Start the CSR initialization process. Enter the following command when asked to create a CSR file:
   • Fill in the required information. You will need to enter a two-digit country code, state or province, city or town name, full company name, industry name (for example, IT or Marketing), and website address (often called name domain).
   • Create CSR file. After entering the information, launch the following command to initialize the CSR file on the server:

2. 

   Purchase an SSL certificate. There are a variety of online services that offer SSL certificates. You need to choose a reputable service to ensure the safety of the website itself and all customers. Popular services include: DigiCert, Symantec, GlobalSign, and so on. The most suitable service will depend on your needs (multiple certifications, enterprise solutions, etc.).
   • You need to upload a CSR file to a certificate service. This file will be used to initiate a certificate for your server.

3. 

   Download the certificate. An intermediate certificate needs to be downloaded from the service from which you order the certificate. The primary certificate will be sent via email or the client area of ​​the website. Your key should look something like this:
   • If the certificate is in a text file, you need to change the file extension to .RT before uploading
   • Check the key you have loaded. There will be 5 hyphens "-" on either side of the BEGIN CERTIFICATE and END CERTIFICATE lines. Also check to make sure that there are no extra spaces or line breaks inserted in the key.

4. 

   Upload the certificate to the server. The certificate will be in the directory dedicated to the key and certificate files. For example: / usr / local / ssl / crt /. All certificates need to be stored in the same folder.

5. 

   Open the file "Httpd.conf" in a text editor. Some versions of Apache have a file "ssl.conf" for SSL certificates. You only need to edit one file if you have both. Add the following lines to the Virtual Host section:
   • Save changes to the file when done. Re-upload the file to the server if necessary.

6. 

   Restart the server. After you have changed the file, you can start using the SSL certificate by restarting the server. Most versions can be rebooted by entering the following command:

7. 

   Certificate check. Use different web browsers to check if the certificate is working properly. Connect to your website using the protocol "https: //" to force SSL connection. A padlock icon will appear in the address bar, usually on a green background. advertisement

Method 3 of 4: Use Exchange

1. 

   Initialize the CSR code. Before you can purchase and install an SSL certificate, you need to generate a CSR code on your server. This file contains the public and server key information, and is essential for the initialization of a private key.
   • Open the Exchange Management Console. Click Start> Programs> Microsoft Exchange 2010> Exchange Management Console.
   • After the program launches, click the Manage Databases link in the middle of the window.
   • Select “Server Configuration”. This option is in the left pane. Click the “New Exchange Certificate” link in the Actions list on the right side of the screen.
   • Enter a memorable name for the certificate. This is optional if you feel it for you (does not affect the certificate).
   • Enter configuration information. Exchange will automatically choose the appropriate service, but if the server is not selected you will need to set it up yourself. Make sure that all services that you need to be protected are selected.
   • Enter your organization information. You will need to enter a two-digit country code, state or province, city or town name, full company name, industry name (for example, IT or Marketing), and website address (often called name domain).
   • Select the location and name for the CSR file you are about to initialize. Make a note of where this file is saved for the next certificate order process.

2. 

   Purchase an SSL certificate. There are a variety of online services that offer SSL certificates. You need to choose a reputable service to ensure the safety of the website itself and all customers. Popular services include: DigiCert, Symantec, GlobalSign, and so on. The most suitable service will depend on your needs (multiple certifications, enterprise solutions, etc.).
   • You need to upload a CSR file to a certificate service. This file will be used to initiate a certificate for your server. Providers often ask us to upload files, some other services just copy the content of the CSR file.

3. 

   Download the certificate. An intermediate certificate needs to be downloaded from the service from which you order the certificate. The primary certificate will be sent via email or the client area of ​​the website.
   • Copy the certificate file that you received to the Exchange server.

4. 

   Install intermediate certificates. In most cases, you can copy the supplied certificate data into a text document and save it as "intermediate.cer". Open Microsoft Manage Console (MMC) by clicking Start, selecting Run, and then typing “mmc”.
   • Click File and choose Add / Remove Snap In.
   • Click Add, select Certificates and then click Add again.
   • Select Computer Account and click Next. Select Local Computer as the storage location. Click Finish, then click OK. You will be back to MMC.
   • Select Certificates in MMC. Select “Intermediate Certification Authorities” and select Certificates.
   • Right-click Certificates, select All Tasks, and then select Import. Use the wizard to load intermediate certificates that you have downloaded from your service provider.

5. 

   Open the "Server configuration" section in the Exchange Management Console. See step 1 to see how to open "Server configuration". Then, click the certificate in the middle of the window, then click the “Complete Pending Request” link in the Actions list.
   • Browse for the main certificate file and click Complete. Once the certificate is uploaded, click Finish.
   • Ignore any errors reporting that the process failed; This is a common error.
6. Activate the certificate. After installing the certificate, click the “Assign Services to Certificate” link at the bottom of the Actions list.
   • Select the server from the list that appears and click Next.
   • Select the server that you want to protect with a certificate. Click Next, then select Assign and click Finish.
   advertisement

Method 4 of 4: Use cPanel

1. 

   Initialize the CSR code. Before you can purchase and install an SSL certificate, you need to generate a CSR code on your server. This file contains the public and server key information, and is essential for the initialization of a private key.
   • Sign in cPanel. Open the control panel and look for SSL / TLS Manager.
   • Click on the link "Generate, view, upload, or delete your private keys" (Generate, view, upload or delete private keys).
   • Scroll down to the “Generate a New Key” section. Enter the domain name or choose from in the drop-down menu. Select 2048 for “Key Size”. Click the Generate button.
   • Click on “Return to SSL Manager”. From the main menu, select the link “Generate, view, or delete SSL certificate signing requests” (Initialize, view or delete an SSL certificate registration request).
   • Enter your organization information. You will need to enter a two-digit country code, state or province, city or town name, full company name, industry name (for example, IT or Marketing), and website address (often called name domain).
   • Click the Generate button. The CSR code will appear. You can proceed to copy and enter this code into the certificate order form. If the service requires the CSR file, copy the code into a text editor and save it as the .csR file.

2. 

   Purchase an SSL certificate. There are a variety of online services that offer SSL certificates. You need to choose a reputable service to ensure the safety of the website itself and all customers. Popular services include: DigiCert, Symantec, GlobalSign, and so on. The most suitable service will depend on your needs (multiple certifications, enterprise solutions, etc.).
   • You need to upload a CSR file to a certificate service. This file will be used to initiate a certificate for your server.Providers often ask us to upload files, some other services just copy the content of the CSR file.

3. 

   Download the certificate. An intermediate certificate needs to be downloaded from the service from which you order the certificate. The primary certificate will be sent via email or the client area of ​​the website.

4. 

   Open the SSL Manager menu in cPanel again. Click on the link “Generate, view, upload, or delete SSL certificates” (Generate, view, upload or delete SSL certificates). Click the Upload button to browse for the certificate you received from your service provider. If the certificate is downloaded as text, paste the certificate text in the browser frame.

5. 

   Click on the link "Install SSL Certificate". SSL certificate installation will be complete. The server will restart and the certificate will be delivered.

6. 

   Certificate check. Use different web browsers to check if the certificate is working properly. Connect to your website using the protocol "https: //" to force SSL connection. A padlock icon will appear in the address bar, usually on a green background. advertisement