Provisioning SSL certificates on your Server

If you handle sensitive information on your web app, like processing payments or entering passwords, then it’s important you protect your users by making sure your website is secure using SSL. It’s basically like sending a letter, but making sure you put it in an envelope and seal it up before firing it off. With search engines now favouring SSL sites over others, it’s a good way to boost your ranking and ensure you’re protected.

What is SSL?

Setup

Using the Terminal

$ openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

This command will prompt you to go through a little creation wizard, as highlighted below.

openssl Wizard

You’ll be asked to enter a few details as well as choosing a password for the keypair. Once this is done, the .csr (certificate sigining request) and yourdomainname.key is generated in the directory that you ran the command. If you open up the .csr file in a text editor it should look something like this.

yourdomain.csr

When managing your SSL, you’ll be asked for the csr, copy and paste or upload (depending on service provider) the file. Once this is done, verification will be done to ensure you’re the domain owner as well. This is done through either shooting an email across or adding a TXT record with a key value to your DNS. Once verified you’re ready to go! Depending on where you’re installing your certificate there will be different file types.

File Types

.pem

.der

.p7b/PKCS#7

.pfx/PCKS#12

If you find yourself with the wrong format, for whatever reason, there is a way to convert them. For more information, head over here and follow the simple instructions.

Using Keychain Access

Click “Request a Certificate From a Certificate Authority…” from the dropdown menu

This will bring up the following Certificate Assistant, where you’ll be asked to enter a few details. Ensure you choose the option Save to disk.

Ensure you choose Saved to disk

Once hitting Continue, you’ll be asked where you want to save your .csr file, after that your .csr will be generated. Your private key will be accessible in the keys section of the Keychain Access app. Depending on your service provider you can either upload the .csr file or open a text editor and paste the contents of the .csr file to start the process.

All done!

That’s it really, depending on your type of server and configuration installation of the certificate will vary, but it’s usually quite straightforward.

Free SSL Certificates

Lets Encrypt

Thanks for reading, hit 💚 if you like what you read and be sure to follow to keep up to date with future posts.

Software Developer https://jameshamann.com

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store