How to Install an SSL Certificate

An SSL (short for Secure Socket Layer) certificate is a way that websites and services are authenticated to encrypt data sent between them and their customers. SSL is also used to verify that you’re connected to the correct service you want (for example, am I really signed in to my email service provider or is this just a phishing copy?). If you are providing a website or service that requires a secure connection, it may be necessary to install an SSL certificate to verify your trust. Take a look at the following article to learn how.

Table of Contents

Using Microsoft Internet Information Services (IIS)

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/0/07/1423062-8.jpg/v4-728px-1423062-8.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/0/07/1423062-8.jpg/v4-728px-1423062-8.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Generate a CSR authentication request code (short for Certificate Signing Request). Before you can purchase and install an SSL certificate, you need to generate a CSR code on the server. This file contains the server and public key information and is required to generate the private key. You can generate a CSR code in IIS 8 in just a few clicks: ^{[1] X Research Source}

Open Server Manager.
Click Tops and select Internet Information Services (IIS) Manager.
Select the workstation where you are installing the certificate from below the Connections list.
Open the Server Certificates tool.
Click the Create Certificate Request link in the upper-right corner, below the Actions list.
Fill in the Request Certificate wizard. You’ll need to enter the two-digit country code, state or province, city or town name, full company name, industry name (e.g. IT or Marketing), and website address (usually called name). domain).
Leave the “Cryptographic service provider” field as default.
Set “Bit length” to “2048”.
Name the file that requires the certificate. It doesn’t matter what the filename is, as long as you can find the word in your archive.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/4/46/1423062-9.jpg/v4-728px-1423062-9.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/4/46/1423062-9.jpg/v4-728px-1423062-9.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Order an SSL certificate. There are various online services that provide SSL certificates. You need to choose a reputable service to ensure the safety of your website and all customers. Popular services include: DigiCert, Symantec, GlobalSign, etc. The most appropriate service will depend on your needs (multiple certifications, enterprise solutions, etc.).

You need to upload the CSR file to the certificate service. This file will be used to generate the certificate for your server. Providers often ask us to upload files, some services just need to copy the content of the CSR file.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/9/96/1423062-10.jpg/v4-728px-1423062-10.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/9/96/1423062-10.jpg/v4-728px-1423062-10.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Download the certificate. The intermediate certificate needs to be downloaded from the service from which you ordered the certificate. The Primary Certificate will be sent to you via email or the client area of the website.

Rename the master certificate to “website.cer name”.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/8/85/1423062-11.jpg/v4-728px-1423062-11.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/8/85/1423062-11.jpg/v4-728px-1423062-11.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Open the Server Certificates tool in IIS again. Here, click the “Complete Certificate Request” link below the “Create Certificate Request” link that you clicked to initiate the CSR earlier.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/6/69/1423062-12.jpg/v4-728px-1423062-12.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/6/69/1423062-12.jpg/v4-728px-1423062-12.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Browse for the certificate file. After locating the file on the computer, you need to give the file a close name to easily identify the certificate on the server. Save the certificate in the “Personal” personal store, then click OK to install the certificate.

The certificate will appear in the list. If you don’t see it, make sure you’re using the same server where you generated the CSR code.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/6/63/1423062-13.jpg/v4-728px-1423062-13.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/6/63/1423062-13.jpg/v4-728px-1423062-13.jpg”,”smallWidth”:460,”smallHeight”:344,”bigWidth”:728,” bigHeight”:545,”licensing”:”<div class=”mw-parser-output”></div>”}

Link the certificate to the website. Now after the certificate has been installed, proceed to link to the website you want to protect. Expand the “Sites” folder in the Connections list and click on the website that needs to be protected.

Click the Bindings link in the Actions list.
Click the Add button in the Site Bindings window that appears.
Select “https” from the “Type” drop-down menu, then select the installed certificate from the “SSL certificate” drop-down menu.
Click OK and then select Close.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/b/bf/1423062-14.jpg/v4-728px-1423062-14.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/b/bf/1423062-14.jpg/v4-728px-1423062-14.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Install the Intermediate certificate. Find the intermediate certificate you downloaded from your service provider. Some services only provide one certificate that needs to be installed, others offer more. Copy these certificates to the dedicated folder on the server. ^{[2] X Research Source}

Once the certificate has been copied, you need to double-click to open the Certificate Details.
Click the General tab. Click the “Install Certificate” button at the bottom of the window.
Select “Place all certificates in the fplowing store” and then browse to the local store. You can find the local storage by checking the “Show physical stores” box, then selecting Intermediate Certificates, and then clicking Local Computer.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/4/46/1423062-15.jpg/v4-728px-1423062-15.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/4/46/1423062-15.jpg/v4-728px-1423062-15.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Restart IIS. Before you start distributing certificates, you need to restart the IIS server. To restart IIS, click Start and select Run. Type the command “IISREset” and press Enter. The Command Prompt will pop up and show the restart status of IIS. ^{[3] X Research Sources}

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/4/42/1423062-16.jpg/v4-728px-1423062-16.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/4/42/1423062-16.jpg/v4-728px-1423062-16.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Check the certificate. Use different web browsers to check if the certificate is working properly. Connect to your website using the “https://” protocol to force an SSL connection. A padlock icon will appear in the address bar, usually on a green background.

Using Apache

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/4/4f/1423062-1.jpg/v4-728px-1423062-1.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/4/4f/1423062-1.jpg/v4-728px-1423062-1.jpg”,”smallWidth”:460,”smallHeight”:344,”bigWidth”:728,” bigHeight”:545,”licensing”:”<div class=”mw-parser-output”></div>”}

Generate CSR code. Before you can purchase and install an SSL certificate, you need to generate a CSR code on the server. This file contains the server and public key information and is required to generate the private key. You can generate the CSR code directly from the Apache command line:

Start the OpenSSL utility. You can find it at /usr/local/ssl/bin/

Generate the key pair by entering the following command:

 openssl genrsa –des3 –out www.mydomain.com.key 2048

Create a passphrase. You will enter this passphrase every time you interact with the key pair.
Start the CSR initialization process. Enter the following command when asked to create the CSR file:
```
 openssl req –new –key www.mydomain.com.key –out www.mydomain.com.csr
```
Fill in the requested information. You’ll need to enter the two-digit country code, state or province, city or town name, full company name, industry name (e.g. IT or Marketing), and website address (usually called name). domain).
Generate CSR file. After entering the information, launch the following command to initialize the CSR file on the server: ^{[4] X Research Source}
```
 openssl req -noout -text -in www.mydomain.com.csr
```

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/d/d0/1423062-2.jpg/v4-728px-1423062-2.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/d/d0/1423062-2.jpg/v4-728px-1423062-2.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Order an SSL certificate. There are various online services that provide SSL certificates. You need to choose a reputable service to ensure the safety of your website and all customers. Popular services include: DigiCert, Symantec, GlobalSign, etc. The most appropriate service will depend on your needs (multiple certifications, enterprise solutions, etc.).

You need to upload the CSR file to the certificate service. This file will be used to generate the certificate for your server.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/b/b3/1423062-3.jpg/v4-728px-1423062-3.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/b/b3/1423062-3.jpg/v4-728px-1423062-3.jpg”,”smallWidth”:460,”smallHeight”:344,”bigWidth”:728,” bigHeight”:544,”licensing”:”<div class=”mw-parser-output”></div>”}

Download the certificate. The intermediate certificate needs to be downloaded from the service from which you ordered the certificate. The master certificate will be sent via email or the client area of the website. Your key should look similar to this:

 ----- BEGIN CERTIFICATE-----

[ Encoded Certificate]

----- END CERTIFICATE-----

If the certificate is in a text file, you need to change the file extension to .CRT before uploading
Check the key that you have loaded. There will be 5 hyphens “-” on either side of the BEGIN CERTIFICATE and END CERTIFICATE lines. Also you need to check to make sure that there are no extra spaces or line breaks inserted in the key.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/5/5c/1423062-4.jpg/v4-728px-1423062-4.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/5/5c/1423062-4.jpg/v4-728px-1423062-4.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Upload the certificate to the server. The certificate will be in the folder dedicated to the key and certificate files. For example, /usr/local/ssl/crt/. All certificates need to be saved in the same folder.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/a/aa/1423062-5.jpg/v4-728px-1423062-5.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/a/aa/1423062-5.jpg/v4-728px-1423062-5.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Open the file “httpd.conf” in a text editor . Some versions of Apache have an “ssl.conf” file for SSL certificates. You only need to edit one file if you have both. Add the following lines to the Virtual Host section: ^{[5] X Research Source}

 SSLCertificateFile /usr/local/ssl/crt/primary.crt SSLCertificateKeyFile /usr/local/ssl/private/private.key SSLCertificateChainFile /usr/local/ssl/crt/intermediate.crt

Save the changes to the file when finished. Re-upload the file to the server if necessary.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/5/50/1423062-6.jpg/v4-728px-1423062-6.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/5/50/1423062-6.jpg/v4-728px-1423062-6.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Restart the server. After changing the file, you can start using the SSL certificate by restarting the server. Most instances can be restarted by entering the following command:

 apachectlp stop
apachectl startssl

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/7/78/1423062-7.jpg/v4-728px-1423062-7.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/7/78/1423062-7.jpg/v4-728px-1423062-7.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Check the certificate. Use different web browsers to check if the certificate is working properly. Connect to your website using the “https://” protocol to force an SSL connection. A padlock icon will appear in the address bar, usually on a green background. ^{[6] X Research Sources}

Using Exchange

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/5/52/1423062-17.jpg/v4-728px-1423062-17.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/5/52/1423062-17.jpg/v4-728px-1423062-17.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Generate CSR code. Before you can purchase and install an SSL certificate, you need to generate a CSR code on the server. This file contains the server and public key information and is required to generate the private key.

Open Exchange Management Console. Click Start > Programs > Microsoft Exchange 2010 > Exchange Management Conspe.
After the program launches, click the Manage Databases link in the middle of the window.
Select “Server Configuration”. This option is in the left pane. Click the “New Exchange Certificate” link in the Actions list on the right side of the screen.
Enter a memorable name for the certificate. This is optional if it’s convenient for you (doesn’t affect the certificate).
Enter configuration information. Exchange will automatically select the appropriate service, but if the server does not, you need to set it up yourself. Make sure all services for which you need protection are selected.
Enter organization information. You’ll need to enter the two-digit country code, state or province, city or town name, full company name, industry name (e.g. IT or Marketing), and website address (usually called name). domain).
Choose a location and name for the CSR file you are about to create. Make a note of where this file is saved for the next certificate ordering process.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/4/4b/1423062-18.jpg/v4-728px-1423062-18.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/4/4b/1423062-18.jpg/v4-728px-1423062-18.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Order an SSL certificate. There are various online services that provide SSL certificates. You need to choose a reputable service to ensure the safety of your website and all customers. Popular services include: DigiCert, Symantec, GlobalSign, etc. The most appropriate service will depend on your needs (multiple certifications, enterprise solutions, etc.).

You need to upload the CSR file to the certificate service. This file will be used to generate the certificate for your server. Providers often ask us to upload files, some services just need to copy the content of the CSR file.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/e/e0/1423062-19.jpg/v4-728px-1423062-19.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/e/e0/1423062-19.jpg/v4-728px-1423062-19.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Download the certificate. The intermediate certificate needs to be downloaded from the service from which you ordered the certificate. The master certificate will be sent via email or the client area of the website.

Copy the certificate file you received to the Exchange server.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/e/ec/1423062-20.jpg/v4-728px-1423062-20.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/e/ec/1423062-20.jpg/v4-728px-1423062-20.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Install the intermediate certificate. In most cases, you can copy the provided certificate data to a text document and save it as “intermediate.cer”. Proceed to open Microsoft Manage Conspe (MMC) by clicking Start, selecting Run and then typing “mmc”. ^{[7] X Research Sources}

Click File and select Add/Remove Snap In.
Click Add, select Certificates, and then click Add again.
Select Computer Account and click Next. Select Local Computer as the storage location. Click Finish, and then click OK. You will return to MMC.
Select Certificates in the MMC. Select “Intermediate Certification Authorities” and select Certificates.
Right-click Certificates, select All Tasks, and then select Import. Use the wizard to load the intermediate certificate that you downloaded from your service provider.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/9/96/1423062-21.jpg/v4-728px-1423062-21.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/9/96/1423062-21.jpg/v4-728px-1423062-21.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,” bigHeight”:546,”licensing”:”<div class=”mw-parser-output”></div>”}

Open the “Server configuration” section in the Exchange Management Console. Refer back to step 1 for how to open “Server configuration”. Then, click the certificate in the middle of the window and then click the “Complete Pending Request” link in the Actions list. ^{[8] X Research Sources}

Browse for the main certificate file and click Complete. After the certificate is uploaded, click Finish.
Ignore any error that the process failed; This is a common error.

Activate the certificate. After installing the certificate, click the “Assign Services to Certificate” link located towards the bottom of the Actions list.

Select the server from the list that appears and click Next.
Select the server that you want to protect with the certificate. Click Next, then Assign, and then click Finish.

Using cPanel

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/d/d7/1423062-22.jpg/v4-728px-1423062-22.jpg”,”bigUrl”:”https:// www.wikihow.com/images/thumb/d/d7/1423062-22.jpg/v4-728px-1423062-22.jpg”,”smallWidth”:460,”smallHeight”:344,”bigWidth”:728,” bigHeight”:544,”licensing”:”<div class=”mw-parser-output”></div>”}

Generate CSR code. Before you can purchase and install an SSL certificate, you need to generate a CSR code on the server. This file contains the server and public key information and is required to generate the private key.

Login to cPanel. Open control panel and find SSL/TLS Manager.
Click the “Generate, view, upload, or delete your private keys” link.
Scroll down to the “Generate a New Key” section. Enter the domain name or choose from the drop-down menu. Select 2048 for “Key Size”. Click the Generate button.
Click “Return to SSL Manager”. From the main menu, select the “Generate, view, or delete SSL certificate signing requests” link.
Enter organization information. You’ll need to enter the two-digit country code, state or province, city or town name, full company name, industry name (e.g. IT or Marketing), and website address (usually called name). domain).
Click the Generate button. The CSR code will appear. You can proceed to copy and enter this code into the certificate order form. If the service requires a CSR file, copy the code into a text editor and save it as a .CSR file.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/0/00/Install-an-SSL-Certificate-Step-17.jpg/v4-728px-Install-an-SSL-Certificate- Step-17.jpg”,”bigUrl”:”https://www.wikihow.com/images/thumb/0/00/Install-an-SSL-Certificate-Step-17.jpg/v4-728px-Install- an-SSL-Certificate-Step-17.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,”bigHeight”:546,”licensing”:”<div class=”mw-parser -output”></div>”}

Order an SSL certificate. There are various online services that provide SSL certificates. You need to choose a reputable service to ensure the safety of your website and all customers. Popular services include: DigiCert, Symantec, GlobalSign, etc. The most appropriate service will depend on your needs (multiple certifications, enterprise solutions, etc.).

You need to upload the CSR file to the certificate service. This file will be used to generate the certificate for your server. Providers often ask us to upload files, some services just need to copy the content of the CSR file.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/6/69/Install-an-SSL-Certificate-Step-18.jpg/v4-728px-Install-an-SSL-Certificate- Step-18.jpg”,”bigUrl”:”https://www.wikihow.com/images/thumb/6/69/Install-an-SSL-Certificate-Step-18.jpg/v4-728px-Install- an-SSL-Certificate-Step-18.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,”bigHeight”:546,”licensing”:”<div class=”mw-parser -output”></div>”}

Download the certificate. The intermediate certificate needs to be downloaded from the service from which you ordered the certificate. The master certificate will be sent via email or the client area of the website.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/5/54/Install-an-SSL-Certificate-Step-19.jpg/v4-728px-Install-an-SSL-Certificate- Step-19.jpg”,”bigUrl”:”https://www.wikihow.com/images/thumb/5/54/Install-an-SSL-Certificate-Step-19.jpg/v4-728px-Install- an-SSL-Certificate-Step-19.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,”bigHeight”:546,”licensing”:”<div class=”mw-parser -output”></div>”}

Open the SSL Manager menu in cPanel again. Click the “Generate, view, upload, or delete SSL certificates” link. Click the Upload button to browse for the certificate you received from your service provider. If the certificate was downloaded as text, paste the certificate content into the frame of your browser.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/9/99/Install-an-SSL-Certificate-Step-20.jpg/v4-728px-Install-an-SSL-Certificate- Step-20.jpg”,”bigUrl”:”https://www.wikihow.com/images/thumb/9/99/Install-an-SSL-Certificate-Step-20.jpg/v4-728px-Install- an-SSL-Certificate-Step-20.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,”bigHeight”:546,”licensing”:”<div class=”mw-parser -output”></div>”}

Click the “Install SSL Certificate” link. The SSL certificate installation will be complete. The server will restart and the certificate will be distributed.

{“smallUrl”:”https://www.wikihow.com/images_en/thumb/0/0d/Install-an-SSL-Certificate-Step-21.jpg/v4-728px-Install-an-SSL-Certificate- Step-21.jpg”,”bigUrl”:”https://www.wikihow.com/images/thumb/0/0d/Install-an-SSL-Certificate-Step-21.jpg/v4-728px-Install- an-SSL-Certificate-Step-21.jpg”,”smallWidth”:460,”smallHeight”:345,”bigWidth”:728,”bigHeight”:546,”licensing”:”<div class=”mw-parser -output”></div>”}

Check the certificate. Use different web browsers to check if the certificate is working properly. Connect to your website using the “https://” protocol to force an SSL connection. A padlock icon will appear in the address bar, usually on a green background.

Steps

Using Microsoft Internet Information Services (IIS)

Using Apache

Using Exchange

Using cPanel

Related Posts