InstantSSL & DA

Hello,

First, you're going to want to create the subdomain named "secure". Second, go into the user panel, click on advanced tools, then "Install SSL Certificate" (or SSL Menu under power_user).

Once there, you'll see 3 main options:
Use the server's certificate
Create your own self signed certificate / Create A Certificate Request
Paste a pre-generated certificate and key

well.. that's actually 4, but the "Create" are blobbed into one. If you are going to be buying a certificate, you'll need to select "Create a Certificate Request" (Select the left radio box to enable the two "Create" radio boxes).

Fill in all relevant info, and be sure to enter "secure.serverenterprise.net" to the Common Name field.

Click save and you should see the request below. If you are an admin, you'll see both the certificate request AND a key. You *must* backup the key, from this window (copy and paste it somewhere), or you'll lose it. Non-admin users with owned IP don't need to worry about this because they'll keep on using the server's cert/key until they switch to theirs. The admin account actually uses the servers main ones, so the new key cannot overwrite the old one until the new certificate has arrived to go with it, or else the old cert and the new key won't match up and apache will not run. Be very carefull... it may be wise to make a backup of the main cert/key pair before you begin.

So assuming you've copy/pasted your key somewhere and sent out your csr, you'll then get the new certificate sent to you. Using your new certificate and the key you copy/pasted, paste both of them OVERTOP of the old ones in the SSL screen. Be sure to not include anything from before. You should now click the "Paste a pre-generated certificate and key" radio button to select the correct save mode. Click save to upload the new cert/key pair (and pray :))

If you wait a minute or so for apache to restart, you should then be able to access https://secure.serverenterprise.net with the new certificate. You will still get a popup saying the certificate is not valid, because you havn't installed the ca root certificate. To do this, click "Click Here to paste a CA Root Certificate" at the bottom of the SSL screen. Paste the CA certificate provided by the certificate issuer. This is not your certificate, but one that should be available for download from their website. Check "Use a CA Cert", paste the ca cert, and hit save. Wait another minute, close all your browsers, then reload the page.. you shoud be good to go :)

John
 
instant ssl

John,

I don't know which one of these to paste in the "Click Here to paste a CA Root Certificate"

I have already added the csr and key and I have two files that were sent to me along with my request by instantSSL. So which one of these do I paste into the control panel. I was thinking of pasting them together or do I have to upload them to the server.

GTE CyberTrust Root CA

Comodo Class 3 Security Services CA

I can't see why pasting them both together would be a problem.

Thanks,
 
i just got instantSSL and was wondering....
do we have to install under secure.domain.com or can we install on the root of our site?
if we put under secure.domain.com, won't we have to move all apps that we want to run secure under that directory?
 
What name did you buy it for?

if you bought it for secure.example.com, and you use it for any other subdomain of example.com, or just for example.com, it will always give an error every time someone uses it to visit the site.

The name you bought it for, and the actual fqdn you're using, have to match.

Jeff
 
thanks for the info.
i decided to set it up for the root of the site (example.com)
 
Hi!

Comodo provides 2 CA certificate files
the ComodoSecurity and GTE
which one should I install as the CA certificate?


Originally posted by https://secure.serverenterprise.net with the new certificate. You will still get a popup saying the certificate is not valid, because you havn't installed the ca root certificate. To do this, click "Click Here to paste a CA Root Certificate" at the bottom of the SSL screen. Paste the CA certificate provided by the certificate issuer. This is not your certificate, but one that should be available for download from their website. Check "Use a CA Cert", paste the ca cert, and hit save. Wait another minute, close all your browsers, then reload the page.. you shoud be good to go :)

John [/B]
 
If I recall correctly (we stopped selling Comodo certs almost a year ago), the larger one of the two is a multiple cert, and should be used for Apache servers. DA uses Apache.

It's no big deal if you use one that doesn't work; just try the other.

Jeff
 
Back
Top