Differences
This shows you the differences between two versions of the page.
Next revision Both sides next revision | |||
ssl_certificates [2014/09/26 15:31] 127.0.0.1 external edit |
ssl_certificates [2015/06/01 17:32] steve |
||
---|---|---|---|
Line 10: | Line 10: | ||
==== Buying a Certificate ==== | ==== Buying a Certificate ==== | ||
- | |||
- | == Policy == | ||
- | |||
- | Always buy a wildcard certificate for a client. This will guarantee that we can use it with any subdomain, and that the client will not need extra IP addresses. | ||
== Namecheap == | == Namecheap == | ||
Line 30: | Line 26: | ||
<code> | <code> | ||
- | openssl req -new -key /etc/ssl/private/private.key -out /etc/ssl/certs/digitaltrike.com.csr | + | openssl req -new -key /etc/ssl/private/private.key -out /etc/ssl/certs/domain.com.csr |
</code> | </code> | ||
Line 42: | Line 38: | ||
Save the Certficate Authority bundle to ''/etc/ssl/certs/domain.com.cabundle'' | Save the Certficate Authority bundle to ''/etc/ssl/certs/domain.com.cabundle'' | ||
- | |||
- | |||
- | |||
- | ==== Digital Trike ==== | ||
- | |||
- | Our SSL cert is a wildcard certificate. The Common Name is ''*.digitaltrike.com'' The private key is signed with a password. | ||
- | |||
- | The master keys and CA files are stored on tahiti in ''/etc/ssl/digitaltrike.com'' | ||
- | |||
- | ==== Maintenance ==== | ||
- | |||
- | Digital Trike can offer to clients the option to purchase, install and monitor SSL certificates. | ||
=== Comodo SSL Certificates (Namecheap) === | === Comodo SSL Certificates (Namecheap) === | ||
Line 67: | Line 51: | ||
* Unlimited server licenses | * Unlimited server licenses | ||
- | === GeoTrust SSL Certificates (Namecheap) (Recommended) === | + | === GeoTrust SSL Certificates (Namecheap) === |
[[http://www.namecheap.com/ssl-certificates/geotrust-ssl-certificates/true-businessid-wildcard.aspx|True BusinessID Wildcard]] | [[http://www.namecheap.com/ssl-certificates/geotrust-ssl-certificates/true-businessid-wildcard.aspx|True BusinessID Wildcard]] |