Renewing SSL Certificates With Namecheap: Difference between revisions

From Littledamien Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
[[Category:SSL]] [[Category:Web Hosting]] [[Category:Web Development]]
[[Category:SSL]] [[Category:Web Hosting]] [[Category:Web Development]]
== Verifying the certificate ==
* Log in at [http://namecheap.com namecheap.com]
* '''top menu''' > '''Hi ''{username}''''' > '''Manage SSL Certificates'''
* Active and expired SSL certificates are listed under '''Your SSL Certificates'''
== Renewing SSL with Namecheap cPanel ==
* Log in to cPanel for the site.
* '''Exclusive for Namecheap customers''' > '''Namecheap SSL'''
* All existing certificates will be listed.
* Click the '''Install''' button for the new certificate.
== Generating a Certificate Signing Request (CSR) ==
=== Creating a new Certificate Signing Request (CSR) ===
<p class="alert alert-info">It is not strictly necessary to generate a new CSR if one already exists for a given domain on the server. However, the recommendation is to generate a new CSR each time a certificate is renewed. If one already exists for a domain with a certificate being renewed, it's ok [[#Getting the CSR using an existing key|to use the existing CSR]].</p>
* Log in to cPanel account
* '''Security''' > '''SSL/TLS Manager'''
* '''Private Keys (KEY)''' > '''Generate, view, upload, or delete your private keys'''
* '''Generate a New Private Key'''
** '''Key Size:''' ''(At least 2048 bits)''
** '''Description:''' ''Something that will identify which certificate is using the key, e.g. <nowiki>[DOMAIN_NAME] ([MM/YYYY])</nowiki>''
** Click '''Generate'''
* The next page displays the newly generated private key.
** Click '''Return to SSL Manager'''
* '''Certificate Signing Requests (CSR)''' > '''Generate, view, or delete SSL certificate signing requests'''
* '''Generate a New Certificate Signing Request (CSR)'''
** '''Key''' Select the private key that was generated earlier from the dropdown list.
** '''Domains''' ''Enter the subdomain that will be using the SSL certificate''
** '''City'''
** '''State'''
** '''Country'''
** '''Company'''
** '''Company Division''' ''not required''
** '''Email'''
** '''Passphrase''' ''not required''
** '''Description''' ''not required''
** Click the '''Generate''' button
* On the following page copy the text following '''Encoded Certificate Signing Request:''' This text is what is needed to enter as the CSR for the SSL certificate.
* A certificate will be issued, after which it needs to be installed for the site.<ref>[https://www.namecheap.com/support/knowledgebase/article.aspx/9445/0/cpanel Generating a CSR using cPanel], Namecheap knowledgebase</ref>
=== Getting the CSR using an existing key ===
* Log in to cPanel.
* '''Security''' > '''SSL/TLS Manager'''
* Select the relevant domain from the '''Keys on Server''' table > '''Edit''' link
* <strike>Copy the text following '''Encoded Private Key:'''</strike>
* Click on the '''<nowiki>CSR: [domain_name]</nowiki>''' link at the bottom of the page (right above the "Delete Key" button).
* Copy the text following '''Encoded CSR:'''
* This code can be used as the CSR to renew the SSL certificate. <ref>[https://www.namecheap.com/support/knowledgebase/article.aspx/9445/0/cpanel Generating a CSR using cPanel], Namecheap Knowlegebase</ref>
== Activating and renewing the certificate ==
== Activating and renewing the certificate ==


Line 61: Line 7:
* '''PositiveSSL Certificate'''
* '''PositiveSSL Certificate'''
** '''(1) CSR'''
** '''(1) CSR'''
*** '''Enter CSR:''' ''Paste [[#Generating a Certificate Signing Request (CSR)|the CSR generated in cPanel]].''
*** '''Enter CSR:''' ''Paste [[Generating Certificate Signing Requests (CSR) with Namecheap|the CSR generated in cPanel]].''
*** '''Primary Domain:''' ''Will be prefilled after a valid CSR is entered in the '''CSR''' field and focus leaves that field.''
*** '''Primary Domain:''' ''Will be prefilled after a valid CSR is entered in the '''CSR''' field and focus leaves that field.''
*** '''Server Type:'''  `Apache, Nginx, cPanel or other`
*** '''Server Type:'''  `Apache, Nginx, cPanel or other`
Line 93: Line 39:


== Installing the SSL certificate ==
== Installing the SSL certificate ==
<p class="alert alert-warning">This information may be deprecated. Try the other methods documented in the article first.</p>


* Log in to cPanel.
* Log in to cPanel.

Revision as of 21:40, 10 April 2017

Activating and renewing the certificate

  • Log in at namecheap.com
  • Account > Dashboard > DOMAIN_NAME (will have SSL listed in the "Expiration" column) > Manage button
  • Products tab > positivessl table item listed as "NEWRENEWAL" for the domain/subdomain in question > Activate button
  • PositiveSSL Certificate
    • (1) CSR
      • Enter CSR: Paste the CSR generated in cPanel.
      • Primary Domain: Will be prefilled after a valid CSR is entered in the CSR field and focus leaves that field.
      • Server Type: Apache, Nginx, cPanel or other
      • Hashing Algorithm: SHA-2
      • Submit button
    • The following page displays the information that was read from the CSR. Confirm by clicking the Next button.
    • (2) Validation
      • DCV Method: Email
      • Approver Email Select an email address associated with the certificate that can be used to complete the validation.
      • Click Next button.
    • (3) Contacts
      • Company Contacts
        • Company Name
        • Address
        • City
        • State
        • Zip/Postal Code
        • Country
        • Other fields are optional.
      • Administrative Contacts
        • Email Address
      • Click Next button
    • (4) Confirm
      • Review the displayed domain and email address and click the Confirm button.
  • An email is sent to the chosen email. A link is provided in the email to complete the process.
  • Open the email, copy the provided code, and click on the link provided in the email.
  • SSL Certificate Validation
    • Paste the validation code in the form field.
    • Click Next button.
  • The certificate is then emailed to the chosen email address. At this point the new certificate is activated, but is not yet installed on the server.

Installing the SSL certificate

  • Log in to cPanel.
  • Security > SSL/TLS
  • Install and Manage SSL for your site (HTTPS) > Manage SSL Sites
  • Under Manage Installed SSL Websites > [ssl_domain] > Actions > Update Certificate
  • Install an SSL Website
    • Copy the certificate code sent from the certificate authority into the Certificate (CRT) field.
      • The code is sent via email from the certificate authority. This is the last email sent in the SSL certificate activation process.
      • At the last renewal, the entity sending the code was "Comodo Security Services".
    • Click the Autofill by Certificate button above the CRT field.
      • The Domain and Private Key field values will be filled in.
      • If everything is ok, green checkmarks will be displayed next to all the fields.
      • Click Install Certificate
    • If all goes well, a SSL Certificate Successfully Updated modal dialog is displayed.
      • Click the OK button.
      • The page is refreshed.
      • The domain should be listed under Manage Installed SSL Websites without any errors or warnings.[1]
  • Immediately after submitting the certificate, navigating to the secure URL in a browser should not generate any errors.

Confirming a new/renewed certificate

Note that if the old cert has not yet expired, and is still installed on the server, testing the URL using https in a browser will not be a reliable indicator that the certificate is installed and active.

  • Return to Namecheap Dashboard > Domain List > certificate domain
  • The new certificate should be listed with an expiration date and a Manage button.
  • Load the domain in question in a browser using https protocol.

Notes

  1. Installing a SSL certificate on your server, using cPanel 11.46 (Namecheap knowledgebase)
Retrieved from "https://wiki.dbarchowsky.com/index.php?title=Renewing_SSL_Certificates_With_Namecheap&oldid=2166"