Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Installing an SSL certificate from a vendor

  1. #1
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Installing an SSL certificate from a vendor

    Does anyone have a good tutorial for dummies on using commercial SSL certificates on a Ubuntu server?

    I see a lot of tutorials for self-signed certificates, but not a lot for commercial ones.

    I guess something like this, except for Ubuntu, instead of CentOS.

    Thanks in advance!

  2. #2
    Join Date
    Nov 2006
    Location
    Belgium
    Beans
    3,008
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Installing an SSL certificate from a vendor

    as for a webserver, to run a https site? or more general than that ?

  3. #3
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Installing an SSL certificate from a vendor

    Yes, for https

  4. #4
    Join Date
    Nov 2008
    Location
    BSAA Headquarters
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Installing an SSL certificate from a vendor

    Quote Originally Posted by aysiu View Post
    Yes, for https
    What server software and SSL Certificate provider
    Some have intermediary certificates (e.x. Globalsign AlphaSSL) that you have to combine, depending on what webserver software you are using
    Ubuntu Forums Moderation Staff || SandyDNET
    Twitter: @CatchesAStar | Last.fm
    Ubuntu Membership via Forum Contributions

  5. #5
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Installing an SSL certificate from a vendor

    Quote Originally Posted by sandyd View Post
    What server software and SSL Certificate provider
    Some have intermediary certificates (e.x. Globalsign AlphaSSL) that you have to combine, depending on what webserver software you are using
    In addition to this, the CA I use offers some excellent instructions for both Apache and Nginx.
    http://www.startssl.com/?app=20

    But yeah, it would help to know what web server you are running and which CA (mine needs to have an intermediary cert added to the public one).
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  6. #6
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Installing an SSL certificate from a vendor

    Ubuntu Server 13.10 and Network Solutions. I don't really need a lot of hand-holding... just a solid tutorial you can link me to. Thanks!

  7. #7
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Installing an SSL certificate from a vendor

    Quote Originally Posted by aysiu View Post
    Ubuntu Server 13.10 and Network Solutions. I don't really need a lot of hand-holding... just a solid tutorial you can link me to. Thanks!
    Are you using Apache on this box?

    If so they have some instructions here, but they are kinda lacking.

    The procedure is similar to the link I posted above from startssl, but I find their documentation easier to understand.

    check this page out too:
    http://www.unixmen.com/install-apache-ssl-ubuntu-13-10/
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  8. #8
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Installing an SSL certificate from a vendor

    Unfortunately, neither of those works. I did check out the official Network Solutions instructions, but they didn't seem to work. The second link seems to be just a self-signed non-commercial certificate. Thanks, though.

  9. #9
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Installing an SSL certificate from a vendor

    What error were you getting when you tried using the official documentation?
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  10. #10
    Join Date
    Nov 2006
    Location
    Belgium
    Beans
    3,008
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Installing an SSL certificate from a vendor

    Quote Originally Posted by aysiu View Post
    Ubuntu Server 13.10 and Network Solutions. I don't really need a lot of hand-holding... just a solid tutorial you can link me to. Thanks!
    I don't have a tutorial handy, but maybe you can write one afterwards
    Essentially, it's the same as the tutorials you find about https with self-signed certs/private PKI, minus all the hasle to create the certificates. It's just that you have to know where the PKI stuff ends and the webserver config begins. I think that's your problem.

    Mostly from memory so possibly incomplete but it'll get you started and there's bound to be people here who can fill in the gaps :

    Asuming Ubuntu server and apache :

    - enable apache ssl module
    Code:
    a2enmod ssl
    - get certificates from a CA
    - copy the certificates to your webserver.
    where should you put them ? I've seen documentation that says /etc/ssl/certs and /etc/ssl/private or something, and other that says /etc/apache2/ssl
    if you're just doing web, I'd go with /etc/apache2/ssl

    - create a suitable virtual host definition, eg by editing /etc/apache2/sites-available/default-ssl
    comment out or delete the part that references the certificates, and replace those with the paths and filenames of your certs (the ones you copied in the previous step)

    Code:
            SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
            SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
    This is the tricky part : depending on what certificates you got, you may also need to describe tho whole "chain of trust" with
    Code:
    SSLCertificateChainFile      /etc/ ... /some_intermediate_cert
    It's likely the CA that supplied your certificates has more detailed instructions on this.
    The Centos tutorial may be of help too - this is not going to differ significantly between distros, it's just a matter telling apache where to find the files


    -enable the default https site (or the one you created) :
    Code:
     a2ensite default-ssl
    - restart apache
    Code:
    service apache2 restart
    obviously, all of this is work for root, so you need to "sudo" all the commands.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •