In this guide, you will learn about the procedure of installing the SSL certificate on your web application hosted with us. Also, how you can verify your SSL certificate to ensure that it is deployed correctly.
How to Install an SSL Certificate
We offer two different choices when it comes to installing an SSL certificate, so choose from the given below choices to read more.
If you have integrated Cloudflare Enterprise on your application, there is no such requirement to install an additional SSL certificate. If you still wish to install one, you can install the SSL certificate on your Cloudways origin server to achieve an extra layer of security; however, it is not mandatory.
How to Verify Your SSL Certificate
We highly recommend that you verify your SSL certificate after installing it to ensure that it is configured correctly. Many common issues arise if anything goes wrong during the SSL installation process. Your site visitors may also face inconvenience or may see several warnings generated by web browsers if your SSL certificate is not set up correctly.
That’s it! We hope this article was helpful. If you need any help, then feel free to search your query on Cloudways Support Center or contact us via chat (Need a Hand > Send us a Message). Alternatively, you can also create a support ticket.
Q1) Does Cloudways sell SSL certificates?
No, we do not sell SSL certificates; however, you can use the Free Let’s Encrypt Certificate or buy an SSL certificate from third-party vendors and deploy it on your web application.
Q2) What is an SSL/TLS, and how does it work?
SSL or Secure Sockets Layer is an encryption-based internet security protocol. Netscape first developed this protocol in 1995 to ensure privacy, authentication, and data integrity in internet communications. SSL is the predecessor to the modern TLS encryption used today. Read more here.
Q3) How many SSL certificates can be deployed on one application?
For now, only a single SSL certificate can be installed per application. SSL certificates are not copied when you clone your server. You will have to deploy another SSL certificate again on your new server.
Q4) What is the difference between single, multiple, and wildcard SSL?
Single-name SSL certificates protect a single sub-domain (hostname). For example, if you purchase a certificate for www.abcdomain.com, it will not secure my.abcdomain.com.
A SAN (Subject Alternative Name) certificate allows for multiple domain names to be protected with a single certificate. For example, you could get a certificate for mydomain.com, and then add more SAN values to have the same certificate protect mydomain.org, mydomain.net, and even mydomain.com.
A Wildcard SSL certificate allows you to secure multiple sub-domains with just one certificate. In many cases, the wildcard certificate makes more sense than a SAN (Subject Alternative Name) because it allows for unlimited sub-domains, and you don’t need to define them at the time of purchase. Read more here.
Q5) What are root and intermediate certificates?
The SSL certificate chain order consists of root certificates, intermediate certificates, and the end-user certificate. Root CAs are a trusted source of certificates. Intermediate CAs are bridges that link the end-user certificate to the root CA. An SSL certificate chain order is the list of intermediate CAs leading back to a trusted root CA.
Q6) What are CRT and Private KEY files of an SSL certificate?
CRT and KEY files represent two parts of an SSL certificate, CRT being the signed certificate and KEY being the private key to the certificate. .CRT is a file extension for a digital certificate used with a web browser. It is used to verify a secure website’s authenticity distributed by Certificate Authority (CA).
All SSL Certificates require a private key to work. The private key is a separate file with an extension .KEY that’s used in the encryption/decryption of data sent between your server and the connecting users. A private key is created by the certificate owner—when you request your certificate with a Certificate Signing Request (CSR). Read more here.
Q7) What is CSR?
CSR refers to Certificate Signing Request, and it is a small file in which you provide information about the certificate to be created. CSR is required by the Certification Authority or SSL vendor to sign the certificate file when you are purchasing the custom SSL certificate.
Q8) What happens when you install another SSL certificate over your current SSL certificate?
Your new SSL certificate will overwrite the existing one.
Q9) When does Let’s Encrypt SSL Certificate expire?
Let’s Encrypt SSL Certificate expires in 90 days which you can either set the instructions of renewing it automatically, or you can do an on-demand renewal of the SSL certificate via Cloudways Platform when you are close to the expiry date. Learn about the renewal procedure here.
These limitations are set by Let’s Encrypt itself. Read more about Let’s Encrypt limitations here.
Q10) Do I need to integrate CloudwaysCDN again after renewing the SSL certificate?
If you use CloudwaysCDN, then you don’t need to remove your CDN and integrate it again instead simply contact us via LiveChat or open a support ticket so we can update your new certificate at our end. If you use any other CDN besides CloudwaysCDN, you should check with their support to get your certificate updated.
Q11) Which web applications are compatible with the Let’s Encrypt SSL Certificate?
Before installing Let’s Encrypt SSL on your website, it is important to check if your web application requires any changes or not. Read more here.
Q12) How to force HTTPS redirection?
Forcing HTTPS redirection at Cloudways is effortless as now you can enable HTTPS redirection on your Cloudways Platform so Click Here to read more.
Q13) How to make the website more secure after installing the SSL certificate?
We recommend a few best practices which you can follow to enhance your website security, and here is a comprehensive guide to learn more.
Q14) How to update the TLS version?
You can easily update the TLS version using the Cloudways Platform. Check this guide to see how.