Recent Posts
Sponsors
 |
How to register SSL Certificate with GoDaddyDawn Rossi, 07-08-2011 |
This is a follow-up to an old post I wrote back in 2008 about registering SSL certificates with VeriSign
While VeriSign is still the elephant in the room, these days, all modern browsers support certificates from GoDaddy, Thawte and many other cheaper alternatives to VeriSign.
Unless you have a very good reason to use VeriSign and shell out $400, I would recommend using GoDaddy. Their standard SSL will only set you back $50 and best of all - it is usually issued within minutes.
Step 1 - Register a domain
This is a no brainer.
Step 2 - Verify Whois information and make it public
Your domain whois information must match the company name and address you'd like to list on the SSL certificate.
Update your whois information if you need to (login to your SoftwareProjects account and click on the domain, or use your existing registrar interface) and make sure your whois information can be publicly accessed by whois.net
If you have private-registration, you MUST turn it off prior to applying for the SSL certificate. You'll be able to turn private-registration back on once the certificate is approved.
Step 3 - Generate private key
Login to your server via Telnet or SSH and run this command:
Replace mydomain.com with your target domain name.
You'll be asked to choose a password. Pick any password - it is only used throughout the registration process.
Now enter this command:
Again replace mydomain.com with your target domain name.
You'll be asked to provide the country, state, company name and domain name. Make sure you use the EXACT same information as what whois.net shows for your domain.
The common name is your www.mydomain.com.
Step 4 - Buy Certificate
Visit GoDaddy's SSL certificate page here and select the Standard SSL certificate for 1 year.
Skip all the optional add-ons.
You will be asked to paste the www.mydomain.com.csr you prepared earlier.
While VeriSign is still the elephant in the room, these days, all modern browsers support certificates from GoDaddy, Thawte and many other cheaper alternatives to VeriSign.
Unless you have a very good reason to use VeriSign and shell out $400, I would recommend using GoDaddy. Their standard SSL will only set you back $50 and best of all - it is usually issued within minutes.
Step 1 - Register a domain
This is a no brainer.
Step 2 - Verify Whois information and make it public
Your domain whois information must match the company name and address you'd like to list on the SSL certificate.
Update your whois information if you need to (login to your SoftwareProjects account and click on the domain, or use your existing registrar interface) and make sure your whois information can be publicly accessed by whois.net
If you have private-registration, you MUST turn it off prior to applying for the SSL certificate. You'll be able to turn private-registration back on once the certificate is approved.
Step 3 - Generate private key
Login to your server via Telnet or SSH and run this command:
openssl genrsa -out www.mydomain.com.key 2048
Replace mydomain.com with your target domain name.
You'll be asked to choose a password. Pick any password - it is only used throughout the registration process.
Now enter this command:
openssl req -new -key www.mydomain.com.key -out www.mydomain.com.csr
Again replace mydomain.com with your target domain name.
You'll be asked to provide the country, state, company name and domain name. Make sure you use the EXACT same information as what whois.net shows for your domain.
The common name is your www.mydomain.com.
Step 4 - Buy Certificate
Visit GoDaddy's SSL certificate page here and select the Standard SSL certificate for 1 year.
Skip all the optional add-ons.
You will be asked to paste the www.mydomain.com.csr you prepared earlier.
 |
Dawn Rossi, 07-08-2011 |
If you're using NGinx, add this to the top of your config file:
# For PCI Compliance
ssl_protocols SSLv3 TLSv1;
ssl_prefer_server_ciphers on;
ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
ssl_protocols SSLv3 TLSv1;
ssl_prefer_server_ciphers on;
ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
|
|
Subscribe Now to receive new posts via Email as soon as they come out.
Comments
Post your comments
