Home > CentOS > Setup GoDaddy SSL Cert

1. Buy a Standard SSL Cert from GoDaddy

2. Make sure the whois record of the domain name is not private, and you have the access to the contact email

3. Login to Linux and enter this command:

openssl req -new -newkey rsa:2048 -nodes -keyout ca.key -out ca.csr

Enter the following information:

Passphrase: (pick a passphrase yourself and remember to mark it down)
Country Name: HK
State or Province Name: HKSAR
Locality Name: Hong Kong
Organization Name: MyHelper
Organizational Unit Name: MyHelper
Common name: my-helper.com
Email Address: [email protected]
A challenge password: (empty)
An optional company name: (empty)

4. Copy the content of ca.csr to GoDaddy and follow this instruction to request the SSL Cert from GoDaddy:
https://products.secureserver.net/products/howtoapplyturbo.htm

5. Upload domain.com.crt and gd_bundle.crt to server

6. Open ssl.conf and enter:

DocumentRoot "/var/www/vhosts/myhelper/htdocs"
SSLCertificateFile /etc/pki/tls/certs/myhelper/myhelper.com.crt
SSLCertificateKeyFile /etc/pki/tls/certs/myhelper/ca.key
SSLCertificateChainFile /etc/pki/tls/certs/myhelper/gd_bundle.crt

<Directory "/var/www/vhosts/myhelper/htdocs">
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

7. Stop Apache prompt for passphrase on next restart

cp /etc/pki/tls/certs/myhelper/ca.key /etc/pki/tls/certs/myhelper/ca.key.bak
openssl rsa -in /etc/pki/tls/certs/myhelper/ca.key -out /etc/pki/tls/certs/myhelper/ca.key

Reference:
http://blog.yorkxin.org/2009/02/23/buying-a-turbo-ssl-cert/
http://www.mnxsolutions.com/apache/removing-a-passphrase-from-an-ssl-key.html



Flag Counter