How can I get an SSL certificate for my application?March 27, 2014

 

SSL provides a secure way to communicate over the internet. In this article we are going to explain how you can obtain and deploy an SSL certificate for your site.

If you already own a certificate for your application (so you don’t need to get a new one), please follow the process described in this article.

Note1: We have recently integrated Let’s Encrypt to the Cloudways Platform. You can now get FREE certificates for your sites using Let’s Encrypt.

Note2: Our servers support the SNI TLS extension, meaning you can deploy multiple certificates protecting multiple applications in the same server, even in the server has just one public IP.

Step 1: Login to the Cloudways console

Go to https://platform.cloudways.com/ and log in with your credentials.

Cloudways Console Login

Step 2: Go to Application Management

Tap on “Applications” on the top menu bar and then select your target application from the list.

Application Management

 

Step 3: SSL Management

Under the “Application Management” section, select the “SSL Certificate” menu option, choose “Custom Certificate” and then click “Create CSR”.

Create CSR

Step 4: Creating a Certificate Signing Request (CSR)

A CSR  is a small file in which you provide information about the certificate to be created. SSL certificate vendors need it to generate the certificate:

For single domain only

  • Select your country, e.g. United States
  • Write down your State, e.g. Florida
  • Write down your Locality, e.g. St. Lucie
  • Write down your Organization Name, e.g. Acme Corporation
  • Write down your Organizational Unit, e.g. Rocket research
  • Write down your email address, e.g. me@acme.com
  • Write down your domain name, e.g. www.acme.com
  • Click the “Submit” button

Domain name” is the most important question and must match the full domain name of your application, e.g. www.acme.com.

Csr info

For multiple domains (SAN)

If you want to secure multiple domains (fully qualified domain names) for your web application, check the “SAN” button and click “Add Domain“. Upon doing so, please enter the information as explained below:

  • Select your country, e.g. United States
  • Write down your State, e.g. Florida
  • Write down your Locality, e.g. St. Lucie
  • Write down your Organization Name, e.g. Acme Corporation
  • Write down your Organizational Unit, e.g. Rocket research
  • Write down your email address, e.g. me@acme.com
  • Write down your domain name, e.g. www.acme.com
  • Write down your second domain name, e.g. www.example2.com

 

Once you are done adding the domains, please click the “Submit” button.

SAN CSR

Step 5: Download the CSR and buy the certificate

Click the “Download CSR” button to download the CSR.

Now with the CSR, you need to buy a certificate on any certificate vendor (like godaddy.com, rapidssl.com, comodo.com, namecheap.com …). Cloudways doesn’t sell certificates. During the process of buying it, you will be asked for the server type (or a similar question), answer “apache+mod_ssl“.

If you need to change any of the details provided in the CSR, simply click on “Re-create CSR” button to recreate it.

CSR install

Step 6: Install the certificate

Once you click the “Install Certificate” button, you will be presented with two text boxes in which to paste the public certificate and the certificate chain provided by your certificate vendor.

The public certificate will be usually provided in a .crt or .cer file (i.e. yourdomain.crt / yourdomain.cer).

The certificate chain, on the other hand, will generally be in a .ca or .ca-bundle file (i.e. yourdomain.ca / yourdomain.ca-bundle).

Note that this can vary as there are many different certificate providers and quite a lot of formats/standards. Contact support in case of doubt.

Click the “Submit” button when done.

Submit CSR

Step 7: Verifying the installed certificate

Open your favorite browser and enter the full domain name of your application (with https at the beginning to force secure browsing).

If you click on the padlock, you should be able to verify all the information you provided via the CSR as well as the validity of the certificate.

Verify SSL Certificate

 

Leave a Reply

Still need help? Our support team is waiting to help you. Ask them now