How to Implement an SSL Certificate

Windows IIS

• 1

  Open the IIS (Internet Information Services) Manager tool. Click on "Start," and key "inetmgr" in the Search box. Press "Enter."

• 2

  Locate the level you want to manage, and in the Machine Features panel, double-click "Server Certificates."

• 3

  Click on "Create Self-signed Certificate" in the Actions view.

• 4

  Enter a "friendly name" to identify your new SSL certificate in the "Specify a friendly name for the certificate" field, and click "OK."

• 5

  Test the SSL certificate with a browser. Enter "https://<myserver>" in the address box and press "Enter." If you see a Security Alert dialog asking for permission to continue, you have successfully applied your SSL certificate.

Linux

• 6

  Generate the SSL key with the following command at the command prompt:

  openssl genrsa --des3 --out newsrvr.key 1024

  This will create a 1024-bit, Triple-DES encrypted key in ASCII text format, which is readable.

• 7

  Generate the Certificate Signing Request, or CSR, with the following command, again at the command prompt:

  openssl req -new -key newsrvr.key -out newsrvr.csr

  Provide accurate answers at the prompts for information so that your SSL certificate will also be accurate, and better able to protect your server.

• 8

  Either send the CSR to a certificate vendor using their certificate request process, or create a self-signed SSL certificate with the following command:

  openssl x509 -req -days 365 -in newsrvr.csr -signkey newsrvr.key -out newsrvr.crt

  This will create an SSL certificate which is good for 365 days. Your vendor will provide installation instructions if you have chosen to purchase a certificate.

• 9

  Copy the SSL key and the SSL certificate, whether purchased or self-signed, in the proper directory with the following copy commands:

  cp newsrvr.crt /usr/local/apache/conf/ssl.crt

  cp newsrvr.key /usr/local/apache/conf/ssl.key

• 10

  Restart your server, and test your newly implemented SSL certificate.