|
Secure Sockets Layer
SSL is an internet security protocol. When a web server sends out content through
HTTPS, this one gets encrypted so that only the client making the request can read it.
Same rule applies when a client submits information to the web server.
It is a must have for web sites that ask for confidential information from their
visitors and clients.
SSL and Web Host Manager for Apache
This tutorial is to help server or reseller account administrators who want
to set up SSL on any of their web sites. It is based on my experience setting
up SSL on my server. Getting any given domain to deliver HTTPS can be done in
three basic steps.
Step One
First you will need two basic ingredients: A host name that resolves
and an IP address. The host name of choice will depend on what you want
to serve through HTTPS: It can be any domain or subdomain on your server,
even a CNAME. The IP address would be any one bound to your server.
However, each new host that is selected to serve HTTPS will need a different
IP. I tried using the same IP, and all my SSL connections ended up serving
the content of the first one I created.
Step Two
You will need to either buy or generate an SSL certificate. Both these things can be
done through the Web Host Manager 9.1.0 interface: "Purchase & Install SSL Certificate"
or "Generate an SSL Certificate and Signing Request".
|
|
|
|
In both cases you will be asked
to enter personal and company information along with the Certificate host name that you
picked in Step One. Once you have carried out Step Two, two files will have been created
on the server: A .crt and a .key, in my specific case:
|
/usr/share/ssl/certs/hostname.crt
/usr/share/ssl/private/hostname.key
Step Three
Finally, you have to install the certificate. In my case,
"Install an SSL certificate and Setup the Domain" will invoke
the SSL Certificate Installer. "Purchase & Install SSL Certificate"
from Step Two may have its own SSL Certificate installer,
as the name seems to indicate.
In this step you will be asked to enter the Domain (this would be the host name),
the unix user name, the IP address, the crt, and the key. The crt and the key are
the contents of the .crt and .key files generated in Step Two. In Web Host Manager,
if you type in the host name first, you can have these fields be auto-filled for you
by pressing the fetch buttons.
Once this is done, you host name should appear in your list of SSL hosts in WHM.
If it doesn't, and you are creating the SSL connection for the first time, make
sure that the replacement / update box is unchecked.
|