I recently purchased a SSL certificate from my domain registrar (http://www.namecheap.com), and I'm trying to install it on my website in cPanel. The certificate I bought was PositiveSSL. I filled out a form on namecheap, and got an email with a thing that says -----Begin Certificate------ AbunchOfLetters -----End certificate ----
So in cPanel, I generated a private key. Then I went to "Manage SSL sites" in cPanel. I pasted in the certificate emailed to me in the first field, then put my generated private key in the second field. When I put the private key in, it says it doesn't match the certificate and I'm not able to install it.
I've been scratching my head at this for a while. Sorry if I missed something, I'm not very familiar with how SSL works, but would really appreciate some help. Thanks
You will have to add your private key which you have got while creating the CSR for the SSL, if you are not sure about that, Please contact your hosting provider for this. They will check it on the server and will install SSL on your domain with the correct private key.
Related
From SSL2BUY I have the text for a certificate starting with "-----BEGIN CERTIFICATE-----" down to "-----END CERTIFICATE-----". There is no download option just an email option (but that person isn't available) how do I convert the encrypted text between the 'begin' and 'end' statements to an actual certificate?
There are also 4 sections within this page; Servers, PKCS7, Root and Intermediate. How do these all interact?
SSL has been a bane of my life for a long time and I need to conquer this once and for all -_-.
Any assistance will be much appreciated.
I would like to inform you that Servers Certificate and PKCS7 Certificate are different formats of certificate.
PKCS7 format certificate is used in java based server like Tomcat and if you are not using Tomcat you can disregard it.
If you are using a server like IIS, cPanel, Apache etc then you will need to install "Server Certificate". You need to paste the certificate in notepad and save it with .cer extension.
If you are using a windows based server(IIS) then you will need only 1 file to install there which is "server certificate". On Windows based servers, root & intermediate certificates came preinstalled so you can skip that, they are not needed to install again.
If you are servers like Apache, cPanel, Nginx, Plesk, etc then you need to install the main domain certificate and CABundle(combination of the Root and Intermediate certificate).
Please Note:
For all leading CA's (Comodo, Digicert and GlobalSign) all the Root and Intermediate certificates are different. Please suggest your product name so I am able to assist in that particular product which Root and Intermediate certificate has to be used.
Please let me know the server type you are using such as Apache, IIS, cPanel, etc.
I purchased my SSL certificate from GoDaddy.
I made the common name www.mywebsite.com.
In my DNS settings I have the website forwarding from the naked domain to the www.mywebsite.com.
I removed any settings inside Heroku regarding the SSL certificate from the GUI.
Then I went through the instructions here.
To recap, I generated my server.key by first creating the crs files and sending those to GoDaddy.
I purchased the $20/mo endpoint.
GoDaddy gives me a downloadable ZIP for my certificates, one with one certificate, and one with 3 certificates inside of it.
I run the following command to install the bundled version first with the following failing message that follows:
heroku certs:add server.crt server.key --type endpoint
No certificate given is a domain name certificate.
The reason I even tried to use the bundle is that my SSL doesn't work in firefox, and intermediary cert is not being included. After looking around for an answer on this, I couldn't find one.
So to get my website back up and running in the short term, I decided to just do what I did before, and upload the single cert. That works, but not really.
Now I get this message when I run the cUrl test:
* error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error
Also, my website is down. :(
How do I fix this?
The answer in my case seems to be that purchasing an SSL cert is not necessary on Heroku. When you purchase a paid hosting package they provide SSL certificates by default without having to buy their SSL add-on endpoint.
There are likely other use-cases for using a paid SSL cert, but in my case I didn't have to do that.
If this answer helped you please upvote this question as some people seem to think it's a question worth down voting.
I don't know much about this topic, but have a site (shared hosting) and want ssl for it. Got a certificate from letsencrypt (for both www and plain mydomain.com), they verified it successfully, so I put the cert and private key into the ssl config part of cpanel. Cpanel marked the inputs valid but then gave me the following error
The certificate could not be installed on the domain “mydomain.com”.
error Certificate verification failed!
Certificate verification failed:
unable to load certificate
140495454865312:error:0906D064:PEM routines:PEM_read_bio:bad base64 decode:pem_lib.c:812:
I have no idea what this means. Any help would be appreciated.
Got it working by making sure every line was exactly 64 characters long
This problem is driving me mad but hopefully to you people it may be simple.
This is what I have done:-
Created a new (self-signed) SSL certificate in Plesk 12 to secure the panel.
Set it to use this as the panel certificate.
Changed the ip address to use this new certificate in Tools/IP Addresses
I have checked the sites ssl certificate on numerous online checkers and they all report the certificate is fine (although it being self-signed).
But whenever I browse to the panel I still get 'Your connection is not private'
The trouble is then that the PEM encoded chain, which I believe to be the certificate it's using, is not the self-signed certificate I created. Then after a certain period of time, approx 5 mins, even when I'm still using the admin it will go to 'Your connection is not private' again and show a different PEM encoded chain.
Please could someone help as this drives me crazy when I'm using Plesk.
The sever is running CentOS 6.6 and the servers default address is sris1.co.uk
Thanks in advance.
Most probably, you are accessing both https://sris1.co.uk and https://www.sris1.co.uk, while certificate is issues for www. domain, and it's understandably failing when you access just sris1.co.uk, and browser thinks, that you are being tricked, since cert is issued for different site.
I've never met such problems in Plesk, so, this is only thing, that I can guess from provided information.
I've created a subdomain for my parse app and I need to protect the connection while logging and during my session.
Assume that I don't have any public domain name and I will still use just the url of (mysubdomain.parseapp.com) then is all I need to get buy a certificate and get the two files for:
SSL Public Certificate
SSL Private Key
and just upload it to parse through the settings page ? or will I need to do something else ?
Just need a confirmation that my understanding is correct.
Kind Regards,
Robear
The private key would come from the server. A Certificate Authority is only going to give you a domain cert. For example "mysubdomain_parseapp.com_crt" and yes you'll need to upload the domain cert, private key (which is generated during the CSR request), plus the CA's intermediate cert (the CA should advise which one and where to download it).
In order for a CA to issue out a cert. You need to own the root domain or have permission by the owner. In your case you would need to prove that your the owner or have permision to purchase an SSL cert with "parseapp.com"