Once you generate the certificate signing request and purchase an SSL certificate, you will need to install it on your server or operating system. This article will guide you through the SSL installation process.
Before you proceed to install the SSL certificate, make sure you have all these prerequisites:
- The Server Certificate: This is the certificate you receive from the CA via email. If you haven’t already received it through an email, you can always download it from your Account Dashboard.
- A Copy of the Correct Intermediate Certificates: These are the certificates that contain files that allow devices that connect to your server to identify the CA. These are also called CA bundles.
- Your Private Key: Keep this file on your server.
Here is the process to install the SSL certificate on Windows:
- Open the “Run” command and type “MMC” and then click on the OK button.
- On the “User Account Control” window, click on the “Yes” button.
- The Microsoft Management Console will open.
- In the console, click on “File” and then select “Add/Remove Snip-in”.
- Another window pops up.
- Select “Certificates” and click on “Add” from the menu on the left.
- Then select the “Computer account” radio button and then click on the “Next” button.
- Now click on the “Finish” button.
- You will be redirected to the very first window where you had selected the “Add/Remove Snip-in” option.
- Click on the “OK” button.
- Now click on the “Certificates (Local Computer)” on the Microsoft Management Console window.
- Right-click on the “Trusted Root Certificate Authorities” from the menu on the left and select “All Tasks” and then click on “Import”.
- Click on the “Next” button.
- Now navigate to the location on your computer where you had saved your SSL certificate. Select the SSL certificate and then click on the “Open” button.
- In the Certificate Store window, select the “Trusted Root Certificate Authorities” option and click on “Next”.
- Click on the “Finish” button.
- Then click on the “OK” button and you’re done.
Congratulations! Your SSL certificate is now installed, and you will be able to view the SSL certificate under the certificates folder.
Here is the process to install the SSL certificate in Web Host Manager (WHM):
- Log in to WHM.
- Enter your username and password and click on “Log in”.
- Enter your WHM homepage.
- Click on the “SSL/TLS” button on the homepage.
- On the SSL/TLS manager page, click on the option “Install an SSL Certificate on a Domain”.
- In the “Domain” field, enter your domain name that needs to be secured with the SSL certificate. This would have been issued to your domain. If you have the certificates in a ZIP file, just click on the “Extract All” option and drag the certificate into a notepad.
- In another text box below, copy and paste your certificate files. These will already be present on your server.
Then enter the “Private Key” that was created at the start of the SSL certificate generation process.
- Then comes the “Certificate Authority Bundle (optional)” textbox. These are the intermediate certificates that provide the CA information to the browser. The WHM automatically fetches the CA bundle if you save the files. Otherwise, you can manually copy and paste the certificates sequentially in the correct order.
- Finally, click on the “Install” button once you have input all the necessary certificates into the respective text boxes.
Here is the process to install the SSL certificate using Apache:
- Generate a Certificate Signing Request:
- Navigate to /usr/local/SSL/bin/ and start the OpenSSL utility.
- Enter the command: “OpenSSL genrsa –des3 –out www.mydomain.com.key 2048” and create a key pair
- Create a passphrase. A passphrase is essential in order to interact with the keys.
- To generate a CSR, enter the command “OpenSSL req –new –key www.mydomain.com.key –out www.mydomain.com.csr”.
- Fill out the fields – country code, state/ province, domain name, location, etc.
- Once the CSR is created, you will need to run the following command “OpenSSL req -noout -text -in www.mydomain.com.csr” to generate the CSR file on the server.
- Order the SSL certificate from any reputable service.
- The next step is to download the intermediate certificates from the service.
- Make sure your certificates are in a . CRT file format before uploading them.
- Upload the certificates to onto your server by putting all of them in a single dedicated folder.
- In case the version of Apache that’s being used as an “ssl.conf” file for the SSL certificates, you can open the “httpd.conf” file in a text editor and add the below lines in the “Virtual Host” section and save the file or re-upload it.
- SSLCertificateFile /usr/local/SSL/crt/primary.crt
- SSLCertificateKeyFile /usr/local/SSL/private/private.key
- SSLCertificateChainFile /usr/local/SSL/crt/intermediate.crt
- Once the file changes have been saved, you will need to restart your server by entering the below commands:
- apachectlp stop
- apachectl startssl
And you’re done. You can now start using your SSL certificate once you restart the server!