|
There are several steps to the SSL Certificate order and issuance process. This article will help walk you through those steps.
Step 1 - order your SSL certificate
The obvious first step is to order a SSL Certificate here.
Step 2 - access the SSL/TLS Manage in your control panel
Within your website control panel, locate the SSL/TLS Manager in the Security section. It looks like this:
Click the SSL/TLS Manager icon, and you'll see a page with these options:
You'll use the first, second and fourth options, in order, during the SSL Certificate order/installation process.
NOTE: If you are ordering a replacement for an expired certificate, you can skip steps 3 and 4 and simply use the CSR that was generated with your original order. Skip to step 5 if you do this.
Step 3 - Create a private key
The key is used along with the certificate to encrypt communications between the visitor's web browser and your website. The key must be generated before the certificate signing request.
Click the "Generate, view, upload or delete your private keys" link from the SSL/TLS manager to access the key area, and use the very bottom section of the page to generate a new key. That section of the page looks like this:
IMPORTANT: Our GlobalSign certificates will protect both the www and non-www forms of your domain, so be sure and enter the www on the host by either entering the full host starting with www in the first field, or choose the domain name from the drop down list and then add www. in front of the host in the first field. Set the Key Size to 2048, as GlobalSign certificates required a 2048 bit key size.
Step 4 - generate the certificate signing request
Once the key has been generated, return to the main SSL/TLS Manager page and click the "Generate, view, or delete SSL certificate signing requests."
Use the portion of the page that looks like this to generate your certificate signing request:
The Host dropdown will contain any hostnames for which you have created private keys (Step 3). The country should be a two letter abbreviation, but the state should be spelled completely. Enter the company name with no punctuation, and if the organization is not large enough to have formal divisions, choose any description you would like for Company Division, such as "Sales", "Website", etc. Enter your email address and a Pass Phrase of your choosing, and click the Generate button.
Once the certificate signing request is created, you will highlight and copy the text of the CSR, as you'll need to paste it into the order process during the next step.
Step 5 - complete the order process with the certificate issuer
The email we send after you have placed your order contains a link that you will need to follow to complete your order. You'll need to supply some contact information, the CSR you created in Step 4, and the type of web server you'll be installing the certificate on. For the web server choice, specify Apache with MOD_SSL.
Be sure that you, or someone within the organization, can receive email to the address you choose to approve the order. That email address will be sent an approval email with a link that must be clicked to approve the order.
Once you have completed the order, the SSL certificate approval email will be sent, and once the order is approved, the SSL certificate itself will be sent.
Step 6 - install the SSL certificate
To install the SSL certificate, return to the SSL/TLS Manager main page and click the "Setup a SSL certificate to work with your site" link, and install the certificate using the "Install/Update A SSL Host" portion of the page, shown here:
From the Domain dropdown, select the domain for which you've already generated a private key and certificate signing request.
In the certificate box, paste in the certificate text you received via email, including the BEGIN CERTIFICATE line at the top, and the END CERTIFICATE line at the bottom. If there is a certificate already displayed, overwrite it with the certificate you received by email. The key should be automatically displayed, and generally speaking the CA Bundle is not needed, but if it is displayed you may leave it.
Click the Install Certificate button, and you should be done at this point. Test out a connection to the secure (https://) version of your domain and make sure it works.
If you have any questions, please open a support ticket.
| 
