Renewing SSL Certificates With Namecheap: Difference between revisions

From Littledamien Wiki
Jump to navigation Jump to search
Line 98: Line 98:
=== Legacy instructions ===
=== Legacy instructions ===


<p class=''alert alert-warning">These instructions were created prior to a Namecheap website redesign. They are saved here for legacy purposes only.</p>
<p class="alert alert-warning">These instructions were created prior to a Namecheap website redesign. They are saved here for legacy purposes only.</p>


* Log in at [http://namecheap.com namecheap.com]  
* Log in at [http://namecheap.com namecheap.com]  

Revision as of 18:02, 4 April 2017

Verifying the certificate

  • Log in at namecheap.com
  • top menu > Hi {username} > Manage SSL Certificates
  • Active and expired SSL certificates are listed under Your SSL Certificates

Renewing SSL with Namecheap cPanel

  • Log in to cPanel for the site.
  • Exclusive for Namecheap customers > Namecheap SSL
  • All existing certificates will be listed.
  • Click the Install button for the new certificate.

Generating a Certificate Signing Request (CSR)

Creating a new Certificate Signing Request (CSR)

It is not strictly necessary to generate a new CSR if one already exists for a given domain on the server. However, the recommendation is to generate a new CSR each time a certificate is renewed. If one already exists for a domain with a certificate being renewed, it's ok to use the existing CSR.

  • Log in to cPanel account
  • Security > SSL/TLS Manager
  • Private Keys (KEY) > Generate, view, upload, or delete your private keys
  • Generate a New Private Key
    • Key Size: (At least 2048 bits)
    • Description: Something that will identify which certificate is using the key, e.g. [DOMAIN_NAME] ([MM/YYYY])
    • Click Generate
  • The next page displays the newly generated private key.
    • Click Return to SSL Manager
  • Certificate Signing Requests (CSR) > Generate, view, or delete SSL certificate signing requests
  • Generate a New Certificate Signing Request (CSR)
    • Key Select the private key that was generated earlier from the dropdown list.
    • Domains Enter the subdomain that will be using the SSL certificate
    • City
    • State
    • Country
    • Company
    • Company Division not required
    • Email
    • Passphrase not required
    • Description not required
    • Click the Generate button
  • On the following page copy the text following Encoded Certificate Signing Request: This text is what is needed to enter as the CSR for the SSL certificate.
  • A certificate will be issued, after which it needs to be installed for the site.[1]

Getting the CSR using an existing key

  • Log in to cPanel.
  • Security > SSL/TLS Manager
  • Select the relevant domain from the Keys on Server table > Edit link
  • Copy the text following Encoded Private Key:
  • Click on the CSR: [domain_name] link at the bottom of the page (right above the "Delete Key" button).
  • Copy the text following Encoded CSR:
  • This code can be used as the CSR to renew the SSL certificate. [2]

Activating and renewing the certificate

  • Log in at namecheap.com
  • Account > Dashboard > DOMAIN_NAME (will have SSL listed in the "Expiration" column) > Manage button
  • Products tab > positivessl table item listed as "NEWRENEWAL" for the domain/subdomain in question > Activate button
  • PositiveSSL Certificate
    • (1) CSR
      • Enter CSR: Paste [#Generating a Certificate Signing Request (CSR)|the CSR generated in cPanel].
      • Primary Domain: Will be prefilled after a valid CSR is entered in the CSR field and focus leaves that field.
      • Server Type: Apache, Nginx, cPanel or other
      • Hashing Algorithm: SHA-2
      • Submit button
    • The following page displays the information that was read from the CSR. Confirm by clicking the Next button.
    • (2) Validation
      • DCV Method: Email
      • Approver Email Select an email address associated with the certificate that can be used to complete the validation.
      • Click Next button.
    • (3) Contacts
      • Company Contacts
        • Company Name
        • Address
        • City
        • State
        • Zip/Postal Code
        • Country
        • Other fields are optional.
      • Administrative Contacts
        • Email Address
      • Click Next button
    • (4) Confirm
      • Review the displayed domain and email address and click the Confirm button.
  • An email is sent to the chosen email. A link is provided in the email to complete the process.
  • Open the email, copy the provided code, and click on the link provided in the email.
  • SSL Certificate Validation
    • Paste the validation code in the form field.
    • Click Next button.
  • The certificate is then emailed to the chosen email address, but no action is required. The new certificate should become active after this step.
  • Confirm the newly active certificate
    • Return to Namecheap Dashboard > Domain List > certificate domain
    • The new certificate should be listed with an expiration date and a Manage button.
    • Load the domain in question in a browser using https protocol.

Legacy instructions

These instructions were created prior to a Namecheap website redesign. They are saved here for legacy purposes only.

  • Log in at namecheap.com
  • top menu > Hi {username} > Manage SSL Certificates
  • Click activate or reissue for the targeted certificate.
  • Next page ("SSL Certificate - CSR"): Digital Certificate Order Form
    • Select Web Server: Apache + OpenSSL
    • Copy the CSR string from the CSR stored in the site cPanel.
  • Next page: Digital Certificate Order Form
    • Approver Email: Select one, e.g. Whois Record Type, if it's a valid email
  • Next page: Enter Contact Information for Your SSL Certificate
    • This will be prefilled with either previous settings, or whois contact information. Make any necessary edits.
    • Click the Submit Order button.
  • A SSL Certificate Validation email will be sent to the contact email address.
    • Click the validation link in the email.
    • Submit the validation code from the email.
  • Another email containing the SSL Certificate will be sent.

Installing the SSL certificate

  • Log in to cPanel.
  • Security > SSL/TLS Manager
  • Install and Manage SSL for your site (HTTPS) > Manage SSL Sites
    • Copy the certificate code sent from the certificate authority into the Certificate (CRT) field.
      • The code is sent via email from the certificate authority.
      • At the last renewal, the entity sending the code was "Comodo Security Services".
    • Click the Autofill by Certificate button above the CRT field.
      • The Domain and Private Key field values will be filled in.
      • If everything is ok, green checkmarks will be displayed next to all the fields.
      • Click Install Certificate
    • If all goes well, a SSL Certificate Successfully Updated modal dialog is displayed.
      • Click the OK button.
      • The page is refreshed.
      • The domain should be listed under Manage Installed SSL Websites without any errors or warnings.[3]
  • Immediately after submitting the certificate, navigating to the secure URL in a browser should not generate any errors.

Notes

  1. Generating a CSR using cPanel, Namecheap knowledgebase
  2. Generating a CSR using cPanel, Namecheap Knowlegebase
  3. Installing a SSL certificate on your server, using cPanel 11.46 (Namecheap knowledgebase)
Retrieved from "https://wiki.dbarchowsky.com/index.php?title=Renewing_SSL_Certificates_With_Namecheap&oldid=2157"