Renewing SSL Certificates With Namecheap: Difference between revisions

From Littledamien Wiki
Jump to navigation Jump to search
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[Category:SSL]] [[Category:Web Hosting]] [[Category:Web Development]]
== Current guide using acme.sh ==
== Verifying the certificate ==
 
* Log in at [http://namecheap.com namecheap.com]
* '''top menu''' > '''Hi ''{username}''''' > '''Manage SSL Certificates'''
* Active and expired SSL certificates are listed under '''Your SSL Certificates'''
 
== Renewing SSL with Namecheap cPanel ==
 
* Log in to cPanel for the site.
* '''Exclusive for Namecheap customers''' > '''Namecheap SSL'''
* All existing certificates will be listed.
* Click the '''Install''' button for the new certificate.


== Generating a Certificate Signing Request (CSR) ==
<p class="alert alert-warning">The most recent practical guide for installing SSL certificates on Namecheap hosting using acme.sh is located [[Installing Let's Encrypt SSL Certificates On Namecheap Hosting|here]].</p>
 
=== Creating a new Certificate Signing Request (CSR) ===
 
<p class="alert alert-info">It is not strictly necessary to generate a new CSR if one already exists for a given domain on the server. However, the recommendation is to generate a new CSR each time a certificate is renewed. If one already exists for a domain with a certificate being renewed, it's ok [[#Getting the CSR using an existing key|to use the existing CSR]].</p>
 
* Log in to cPanel account
* '''Security''' > '''SSL/TLS Manager'''
* '''Private Keys (KEY)''' > '''Generate, view, upload, or delete your private keys'''
* '''Generate a New Private Key'''
** '''Key Size:''' ''(At least 2048 bits)''
** '''Description:''' ''Something that will identify which certificate is using the key, e.g. <nowiki>[DOMAIN_NAME] ([MM/YYYY])</nowiki>''
** Click '''Generate'''
* The next page displays the newly generated private key.
** Click '''Return to SSL Manager'''
* '''Certificate Signing Requests (CSR)''' > '''Generate, view, or delete SSL certificate signing requests'''
* '''Generate a New Certificate Signing Request (CSR)'''
** '''Key''' Select the private key that was generated earlier from the dropdown list.
** '''Domains''' ''Enter the subdomain that will be using the SSL certificate''
** '''City'''
** '''State'''
** '''Country'''
** '''Company'''
** '''Company Division''' ''not required''
** '''Email'''
** '''Passphrase''' ''not required''
** '''Description''' ''not required''
** Click the '''Generate''' button
* On the following page copy the text following '''Encoded Certificate Signing Request:''' This text is what is needed to enter as the CSR for the SSL certificate.
* A certificate will be issued, after which it needs to be installed for the site.<ref>[https://www.namecheap.com/support/knowledgebase/article.aspx/9445/0/cpanel Generating a CSR using cPanel], Namecheap knowledgebase</ref>
 
=== Getting the CSR using an existing key ===
 
* Log in to cPanel.
* '''Security''' > '''SSL/TLS Manager'''
* Select the relevant domain from the '''Keys on Server''' table > '''Edit''' link
* <strike>Copy the text following '''Encoded Private Key:'''</strike>
* Click on the '''<nowiki>CSR: [domain_name]</nowiki>''' link at the bottom of the page (right above the "Delete Key" button).
* Copy the text following '''Encoded CSR:'''
* This code can be used as the CSR to renew the SSL certificate. <ref>[https://www.namecheap.com/support/knowledgebase/article.aspx/9445/0/cpanel Generating a CSR using cPanel], Namecheap Knowlegebase</ref>


== Activating and renewing the certificate ==
== Activating and renewing the certificate ==
=== Activating the new certificate ===


* Log in at [http://namecheap.com namecheap.com]  
* Log in at [http://namecheap.com namecheap.com]  
Line 63: Line 10:
* '''PositiveSSL Certificate'''
* '''PositiveSSL Certificate'''
** '''(1) CSR'''
** '''(1) CSR'''
*** '''Enter CSR:''' ''Paste [[#Generating a Certificate Signing Request (CSR)|the CSR generated in cPanel]].''
*** '''Enter CSR:''' ''Paste [[Generating Certificate Signing Requests (CSR) with Namecheap|the CSR generated in cPanel]].''
*** '''Primary Domain:''' ''Will be prefilled after a valid CSR is entered in the '''CSR''' field and focus leaves that field.''
*** '''Primary Domain:''' ''Will be prefilled after a valid CSR is entered in the '''CSR''' field and focus leaves that field.''
*** '''Server Type:'''  `Apache, Nginx, cPanel or other`
*** '''Server Type:'''  `Apache, Nginx, cPanel or other`
Line 94: Line 41:
* The certificate is then emailed to the chosen email address. At this point the new certificate is activated, but is not yet installed on the server.
* The certificate is then emailed to the chosen email address. At this point the new certificate is activated, but is not yet installed on the server.


=== Installing a newly activated SSL certificate ===
== Installing the SSL certificate ==


* Log in to the website's cPanel dashboard.
* Log in to cPanel.
* '''Security''' > '''SSL/TLS'''
* '''Security''' > '''SSL/TLS'''
* '''Install and Manage SSL for your site (HTTPS)''' > '''Manage SSL sites'''
* '''Install and Manage SSL for your site (HTTPS)''' > '''Manage SSL Sites'''
* Under '''Manage Installed SSL Websites''' > ''<nowiki>[ssl_domain]</nowiki>'' > '''Actions''' > '''Update Certificate'''
* Under '''Manage Installed SSL Websites''' > ''<nowiki>[ssl_domain]</nowiki>'' > '''Actions''' > '''Update Certificate'''
* '''Install an SSL Website'''
* '''Install an SSL Website'''
** '''Domain''' `[ssl_domain]`
** Paste the certificate that was emailed by the Issuing Authority in the '''Certificate (CRT)''' field.<br />''(The expiration date displayed under the CRT field should update accordingly.)''
** '''IP Address''' ''Confirm IP address''
** Click the '''Autofill by Certificate''' button above or next to the '''CRT''' field.  
** '''Certificate: (CRT)''' ''Paste the CRT '''attached to the last email''' sent in the activation process''
** '''Private Key (KEY)''' ''Paste [[#Generating a Certificate Signing Request (CSR)|the key associated with the CRT created through cPanel]] for this certificate''
** '''Certificate Authority Bundle: (CABUNDLE)''' ''leave blank''
 
=== Confirming a new/renewed certificate ===
 
<p class="alert alert-warning">Note that if the old cert has not yet expired, and is still installed on the server, testing the URL using https in a browser will not be a reliable indicator that the certificate is installed and active.</p>
 
* Return to Namecheap '''Dashboard''' > '''Domain List''' > ''certificate domain'' 
* The new certificate should be listed with an expiration date and a '''Manage''' button.
* Load the domain in question in a browser using `https` protocol.
 
=== Legacy instructions ===
 
<p class="alert alert-warning">These instructions were created prior to a Namecheap website redesign. They are saved here for legacy purposes only.</p>
 
* Log in at [http://namecheap.com namecheap.com]
* '''top menu''' > '''Hi ''{username}''''' > '''Manage SSL Certificates'''
* Click '''activate''' or '''reissue''' for the targeted certificate.
* Next page ("SSL Certificate - CSR"): '''Digital Certificate Order Form'''
** '''Select Web Server:''' Apache + OpenSSL
** Copy the CSR string from the CSR stored in the site cPanel.
* Next page: '''Digital Certificate Order Form'''
** '''Approver Email:''' ''Select one, e.g. '''Whois Record Type,''' if it's a valid email''
* Next page: '''Enter Contact Information for Your SSL Certificate'''
** This will be prefilled with either previous settings, or whois contact information. Make any necessary edits.
** Click the '''Submit Order''' button.
* A '''SSL Certificate Validation''' email will be sent to the contact email address.
** Click the validation link in the email.
** Submit the validation code from the email.
* Another email containing the SSL Certificate will be sent.
 
== Installing the SSL certificate ==
 
<p class="alert alert-warning">This information may be deprecated. Try the other methods documented in the article first.</p>
 
* Log in to cPanel.
* '''Security''' > '''SSL/TLS Manager'''
* '''Install and Manage SSL for your site (HTTPS)''' > '''Manage SSL Sites'''
** Copy the certificate code sent from the certificate authority into the '''Certificate (CRT)''' field.
*** The code is sent via email from the certificate authority.
*** At the last renewal, the entity sending the code was "Comodo Security Services".
** Click the '''Autofill by Certificate''' button above the '''CRT''' field.  
*** The '''Domain''' and '''Private Key''' field values will be filled in.
*** The '''Domain''' and '''Private Key''' field values will be filled in.
*** The '''Certificate (CRT)''' field may also be automatically filled in if it has already been applied. If not, see next bullet below.
*** If everything is ok, green checkmarks will be displayed next to all the fields.
*** If everything is ok, green checkmarks will be displayed next to all the fields.
*** Click '''Install Certificate'''
*** Click '''Install Certificate'''
** Copy the certificate code sent from the certificate authority into the '''Certificate (CRT)''' field.
*** The code is sent via email from the certificate authority. This is the last email sent in [[#Activating and renewing the certificate|the SSL certificate activation process]].
*** At the last renewal, the entity sending the code was "Comodo Security Services".
** If all goes well, a '''SSL Certificate Successfully Updated''' modal dialog is displayed.
** If all goes well, a '''SSL Certificate Successfully Updated''' modal dialog is displayed.
*** Click the '''OK''' button.
*** Click the '''OK''' button.
Line 154: Line 62:
*** The domain should be listed under '''Manage Installed SSL Websites''' without any errors or warnings.<ref>[https://www.namecheap.com/support/knowledgebase/article.aspx/9418/0/cpanel Installing a SSL certificate on your server, using cPanel 11.46] (Namecheap knowledgebase)</ref>
*** The domain should be listed under '''Manage Installed SSL Websites''' without any errors or warnings.<ref>[https://www.namecheap.com/support/knowledgebase/article.aspx/9418/0/cpanel Installing a SSL certificate on your server, using cPanel 11.46] (Namecheap knowledgebase)</ref>
* Immediately after submitting the certificate, navigating to the secure URL in a browser should not generate any errors.
* Immediately after submitting the certificate, navigating to the secure URL in a browser should not generate any errors.
== Confirming a new/renewed certificate ==
<p class="alert alert-warning">Note that if the old cert has not yet expired, and is still installed on the server, testing the URL using https in a browser will not be a reliable indicator that the certificate is installed and active.</p>
* Return to Namecheap '''Dashboard''' > '''Domain List''' > ''certificate domain'' 
* The new certificate should be listed with an expiration date and a '''Manage''' button.
* Load the domain in question in a browser using `https` protocol.


== Notes ==
== Notes ==
<references />
<references />
[[Category:SSL]] [[Category:Web Hosting]] [[Category:Web Development]]

Latest revision as of 14:18, 22 February 2025

Current guide using acme.sh[edit]

The most recent practical guide for installing SSL certificates on Namecheap hosting using acme.sh is located here.

Activating and renewing the certificate[edit]

  • Log in at namecheap.com
  • Account > Dashboard > DOMAIN_NAME (will have SSL listed in the "Expiration" column) > Manage button
  • Products tab > positivessl table item listed as "NEWRENEWAL" for the domain/subdomain in question > Activate button
  • PositiveSSL Certificate
    • (1) CSR
      • Enter CSR: Paste the CSR generated in cPanel.
      • Primary Domain: Will be prefilled after a valid CSR is entered in the CSR field and focus leaves that field.
      • Server Type: Apache, Nginx, cPanel or other
      • Hashing Algorithm: SHA-2
      • Submit button
    • The following page displays the information that was read from the CSR. Confirm by clicking the Next button.
    • (2) Validation
      • DCV Method: Email
      • Approver Email Select an email address associated with the certificate that can be used to complete the validation.
      • Click Next button.
    • (3) Contacts
      • Company Contacts
        • Company Name
        • Address
        • City
        • State
        • Zip/Postal Code
        • Country
        • Other fields are optional.
      • Administrative Contacts
        • Email Address
      • Click Next button
    • (4) Confirm
      • Review the displayed domain and email address and click the Confirm button.
  • An email is sent to the chosen email. A link is provided in the email to complete the process.
  • Open the email, copy the provided code, and click on the link provided in the email.
  • SSL Certificate Validation
    • Paste the validation code in the form field.
    • Click Next button.
  • The certificate is then emailed to the chosen email address. At this point the new certificate is activated, but is not yet installed on the server.

Installing the SSL certificate[edit]

  • Log in to cPanel.
  • Security > SSL/TLS
  • Install and Manage SSL for your site (HTTPS) > Manage SSL Sites
  • Under Manage Installed SSL Websites > [ssl_domain] > Actions > Update Certificate
  • Install an SSL Website
    • Paste the certificate that was emailed by the Issuing Authority in the Certificate (CRT) field.
      (The expiration date displayed under the CRT field should update accordingly.)
    • Click the Autofill by Certificate button above or next to the CRT field.
      • The Domain and Private Key field values will be filled in.
      • The Certificate (CRT) field may also be automatically filled in if it has already been applied. If not, see next bullet below.
      • If everything is ok, green checkmarks will be displayed next to all the fields.
      • Click Install Certificate
    • Copy the certificate code sent from the certificate authority into the Certificate (CRT) field.
      • The code is sent via email from the certificate authority. This is the last email sent in the SSL certificate activation process.
      • At the last renewal, the entity sending the code was "Comodo Security Services".
    • If all goes well, a SSL Certificate Successfully Updated modal dialog is displayed.
      • Click the OK button.
      • The page is refreshed.
      • The domain should be listed under Manage Installed SSL Websites without any errors or warnings.[1]
  • Immediately after submitting the certificate, navigating to the secure URL in a browser should not generate any errors.

Confirming a new/renewed certificate[edit]

Note that if the old cert has not yet expired, and is still installed on the server, testing the URL using https in a browser will not be a reliable indicator that the certificate is installed and active.

  • Return to Namecheap Dashboard > Domain List > certificate domain
  • The new certificate should be listed with an expiration date and a Manage button.
  • Load the domain in question in a browser using https protocol.

Notes[edit]

  1. Installing a SSL certificate on your server, using cPanel 11.46 (Namecheap knowledgebase)
Retrieved from "https://wiki.dbarchowsky.com/index.php?title=Renewing_SSL_Certificates_With_Namecheap&oldid=3726"