How to generate COMODO SSL certificates

×

Error message

Deprecated function: The each() function is deprecated. This message will be suppressed on further calls in _menu_load_objects() (line 569 of /homepages/46/d762693627/htdocs/dc/includes/menu.inc).
How to generate COMODO SSL certificates

To make a SSL certificate, we need to generate CSR code first. After that there is a few steps to follow.

CSR Generation

Generating a Certificate Signing Request (CSR) using OpenSSL (Apache & mod_ssl, NGINX)

openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr

You will now be asked to enter details to be entered into your CSR.

Country Name (2 letter code) [AU]: GB
State or Province Name (full name) [Some-State]: Yorks
Locality Name (eg, city) []: York
Organization Name (eg, company) [Internet Widgits Pty Ltd]: MyCompany Ltd
Organizational Unit Name (eg, section) []: IT
Common Name (eg, YOUR name) []: mysubdomain.mydomain.com
Email Address []:

Use the name of the web-server as Common Name (CN). If the domain name (Common Name) is mydomain.com append the domain to the hostname (use the fully qualified domain name).

Certificate Installation

 

  1. The extracted contents will typically be named: yourDomainName.crt and yourDomainName.ca-bundle
  2. Move the Private Key that was generated earlier to the ssl.key directory, which is typically found in/etc/ssl/. This must be a directory which only Apache can access.
  3. Move the yourDomainName.crt and yourDomainName.ca-bundle to the ssl.crt directory, which is typically found in the /etc/ssl/ directory.
  4. Edit Apache SSL configuration
    SSLEngine on
    SSLCertificateKeyFile /etc/ssl/ssl.key/server.key
    SSLCertificateFile /etc/ssl/ssl.crt/yourDomainName.crt
    SSLCertificateChainFile /etc/ssl/ssl.crt/yourDomainName.ca-bundle
    blog tag: