Installing SSL (TLS)

4 sept. 2012

By the time I switched hosting my SSL certificate was already generated. I was promised it would work at the new hosting site, but did not have time to implement it until recently. Last week I looked through my mail, pasted my certificate to a *.crt file and asked my new provider to install it. They needed the *.crt file and a *.key file placed in my home folder.

openssl genrsa -out domain.key 2048

The key would be the public/private key pair used to sign the Certificate Signing Request (CSR). That process had already taken place so I had to sign a new *.csr file, send it for signing and get a new certificate back.

openssl req -new -key domain.key -out domain.csr

The first attempt of generating the certificate failed because the country code in the *.csr had to be uppercase, the second failed because of the optional password had unsupported characters (so much for secure passwords). The third time it passed.

..and now https:// is working again :)