Open Ground Wiki

User Tools

Site Tools

Trace: migrating_wordpress workbench windwalker live_stream_notes design_dev_resources stream_deck tailwind_css linux_extras mac_software ssl_notes
ssl_notes

SSL Notes

An SSL certificate can be a complicated process because it is a series of encrypted key files that need to be installed and verified across the SSL provider and the web host.

One important note, is when an SSL certificate expires, you not only need to pay to renew, you must do the SSL install process again, repeating it nearly exactly as the first time. Just reupping payment is not enough.

Note: This step is commonly overlooked! In the case of webfaction, once you've got the cert created / loaded, you have to go back to the 'Websites' section of the admin panel, click the site and update the dropdown menu so it points to the new updated cert.

Steps to making SSL work on the site

  • Buy the SSL (pretty good deal at namecheap)
  • Note you won't be applying the SSL cert to the domain right away there are other steps below first that happen at the website host level
  • In the host (Webfaction), generate a CSR by going to Domains > SSL Certificates and then pressing “Generate CSR and filling out the form.
  • Once form is filled and you press “Generate CSR” you'll be able to download it
  • This CSR download is a zip file wich will be your Cert Signing Request and the key used to sign it.
  • Unzip and get .csr and .key files
  • Back on Namecheap, go to the product list and find SSL cert you just purchased, select “Activate”
  • You'll be asked to enter the CSR info into the box, copy the text from the CSR file you got from webfaction
  • After pressing next you'll be asked to confirm the domain via the DCV method, choose HTTP so you can upload it.
  • Tell them to send the info to your email address
  • Actually though, it will take you back to the cert details page, and across from DCV Methods in use, there's a button with a dropdown that says Edit Methods. Click Arrow and download the file, it will tell you where to place the file.
  • Once the text file with the crazy name is installed on the site, there will be a delay but then you will get the email from the SSL Cert authority (e.g. Comodo)
  • The email contains a CRT file and an apache bundle file contained in a second attached zip
  • An optional logo may arrive depending on the CERT authority to display on the site
  • Back at Webfaction, go back to Domains and then SSL
  • Upload a Certificate, give it a good name, possibly including month or year in the name for reference (e.g. “sitename2019June”)
  • Upload the Cert, Private Key, then Bundle file as requested.
  • Once saved there's one more step easily overlooked —
  • Go back to the 'Websites' section of the admin panel, click the site and update the dropdown menu so it points to the new updated cert. Press Save again
  • After doing this, make sure to press refresh on your website a few times, if you were getting the Security warning, it should go away after not too long as long as that page isn't cached. it only took about 90 seconds just now when completing these steps.
ssl_notes.txt · Last modified: by 127.0.0.1
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki