Question:
How to go about getting a Wildcard SSL Certificate for a dedicated server (Linux/CentOS 6) at my office?
2015-03-18 16:51:37 UTC
I have a personal dedicated server that I am using to host a website and an application on. I keep this server at my office. My questions is, how do I go about purchasing a Wildcard SSL Certificate and getting it installed on this machine?

I have bought many SSL certificates through hosting companies when my website was hosted there, but now my server is at my office and I believe I will have to install it myself.

So my second question would be how to install the Wildcard SSL Cert on my Linux CentOS 6 machine?
Four answers:
Jake
2015-03-23 23:14:02 UTC
You require a dedicated IP address for SSL Certificate.



In case you don't have a dedicated IP address, your server must be SNI (Server Name Identification).



Make sure you must get Wildcard SSL Certificate from a trusted Certificate Authority such as Comodo, RapidSSL, Thawte, GeoTrust or Symantec.



Once you get your wildcard SSL certificate, you can find many online sources to install it on your Linux/CentOS server.
?
2015-03-18 18:16:01 UTC
Certificates on Apache are usually specified in /etc/httpd/conf.d/ssl.conf and go in /etc/pki/tls/ certs and private.

Different applications have different requirements; some want a single PEM file, some are fussy about directory permissions, and those two are incompatible so you might end up copying a cert two places.



Why a wildcard if you only have one machine ?

If your machine is still in the same domain you can use the same wildcard cert from the hosting company.
BigE
2015-03-18 18:25:47 UTC
There are plenty of tutorials. You generate a key. You generate a CSR/certificate signing request with that key. You submit that. They give you back a cert. You install the cert with a apache directive that points to the file you got back.
2015-03-18 17:29:10 UTC
Search SSL certificates. There are a lot of providers.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...