HELP & Documents

[...]




Date: 2018.5.19        Author: Admin

Search index: (title and article description search)

No record was found!

Create a SSL certificate


SSL certificates are used to allow certified encryption to your website or application, that it is a must in today world.

In web-browsers, the first thing you will notice is the communication protocol HTTPS and a green (mostly) lock icon near your webpage address.

Be aware that will take few hours to get your certificate signed by a trusted CA.

An SSL certificate has two parts:
- a public certificate chain (your certificate and certificates of those who say that your certificate is OK, aka Certificates Authorities)
- a secret KEY


Get a free SSL certificate from LetsEncrypt:

 
https://greenlock.webdo.com/   or use the original here https://greenlock.domains
( see details at the end of this page )

Certificate Authorities

Internet solution providers that provide trust to your own certificate. They sign your certificate and later will respond with their own servers to your clients' queries about your certificate. There are few CA's approved by most web-browsers.

An SSL secret key should be kept in a secret place! 

In order to create a certified SSL certificate, there are few steps to follow. The process is easy, but it may be a challenge because it is something you need once per year and probably you will forget how to do it every time.

There are different tools and CA providers. Here we will refer to OpenSSL software and one CA application.
The presented information can be used in most cases where you need a signed certified certificate for your website.

1. If you do not have, find and install OpenSSL

2. Run next commands to create the KEY and the certificate request

openssl genrsa -out keyname.key 2048


This will create a key to be used later to sign your certificate request, in order to use it with most web servers it should not be password protected. Keep it safe. The CA provider will not request this, the web hosting provider will need it to pair with the final certificate in order to provide encrypted communication.

openssl req -new -sha256 -key keyname.key -out certificatename.csr

You will need to answer few questions. If you will need a so-called "wildcard" certificate that protects also your subdomains you will need to set the "common name" using "*." in front like in *.myowndomain.com

The CSR file or certificate sign request should be presented to a Certificate Authority to be signed.
You may create and use your own CA, but it is no good to be used with your web servers because of the lack of trust in your self-signed certificate.

In order to have the chain of trust for your certificate, you must go to a CA. Depending on CA and the certificate signing request there are few steps.

For a basic certificate that certifies the domain name used on a specific location (web servers), you will need only the CSR file. In case you will need to certify also the company that uses the certificate you will need to provide some documents, you should be aware that can take weeks.

The sample to obtain a signed certificate from https://ssls.com, a provider that sign your certificate with Comodo CA's.

1. Chose your certificate type:

- one-domain can be used with https://yourdomain.ext or https://www.yourdomain.ext
- multi-domain will protect many domain names same as one-domain
- subdomains - will protect also your subdomains like in https://onesubdomain.yourdomain.ext 

2. Pay

3. Activate

- provide your CSR file
- chose your certificate form (WebDo web servers are using CRT files)
- check if your request is OK
- approve

4. Follow the CA provider policy that verifies you are the owner of the domain name you need a certificate for (easy to understand why).
- two methods:
    - by email to an administrative account of a domain name (like webmaster@yourdomainname.ext)
    - saving a text file to a specified location in your website webroot *
        - ssls.com will ask to save a text file that can be accessed from
                    http://yourdomainname.ext/.well-known/pki-validation/<text file name> and
                    http://www.yourdomainname.ext/.well-known/pki-validation/<text file name>


* With WebDo hosting you can create folders under a webroot 
of one hosted domain using the web-drive application.
    - you will need to create a web address location
            - using the WebBuilder to publish a website
            - using the web-drive application
            - using the web-ide application
    - any folder created under Applications/webroot
    can be a webroot for a web address.

If you need a signed certificate probably you already have the website hosted, the easiest method is to save the CA provided text file where you are instructed to.

Ask our support department for help if you need any information or help related to WebDo and SSL certificates.

You can choose any CA provider you may like, in order to use the certificate with the WebDo hosting services, the certificate should be in CRT format (your certificate and a chain of CA's certificates).


Free SSL certificate from LetsEncrypt:

https://greenlock.webdo.com   or use the original here https://greenlock.domains

For domains hosted with WebDo, you can use the Drive we-app to set the required key for LetsEncrypt. It should be the folder that host your domain:

<path>/<your-website-folder>/.well-known/acme-challenge/ like in next picture.















Loading data

Loading WordBricks ...

| 1.1.1. Welcome| 1.1.2. Register a new account| 1.1.3. Start| 1.1.4. Technical support| 1.2.1. New website| 1.2.2. New page| 1.2.3. Sections / Page BLOCKS| 1.2.4. Settings| 1.2.5. Save / Backup / Restore| 1.2.6. Background| 1.2.7. My pages| 1.2.8. Page settings| 1.2.9. Website header| 1.2.10. Website menu| 1.2.11. Publish| 1.2.12. Compatibility| 1.2.13. Specials blocks| 1.2.14. DATABLOCKS| 1.2.15. Contacts Form| 1.2.16. Numbers Shuffle - Game| 1.2.17. ChatBox| 2.1.1. WEB hosting| 2.2.1. Hosting plans| 2.3.1. Domain Names| 2.3.2. Register a new domain name| 2.3.3. Domain name management| 2.3.4. Add a SSL certificate| 2.3.5. Create a SSL certificate| 2.3.6. Domain Name Redirects| 2.4.1. SEO informations| 3.1.1. DRIVE| 3.2.1. Files storage| 3.2.2. API drive access| 3.2.3. Safe share files| 3.3.1. WebDO IDE| 4.1.1. Email| 4.1.2. Email Services Names| 5.1.1. Databases| 5.1.2. API key| 5.2.1. Micro data| 5.3.1. Datasets (test fake data)| 6.1.1. We use SOA| 6.2.1. Authorization| 6.2.2. File access| 6.2.3. SendMail| 6.2.4. QR Code| 6.2.5. Document storage API| 6.2.6. MicroData API| 6.2.7. SQL API| 6.2.8. IP API| 6.2.9. DRIVE API| 6.2.10. Link Redirects API| 7.1.2. WebDo CLOUD| 7.1.3. Services Domains| 8.1.1. Payment| 8.1.2. European VAT| 8.2.1. Privacy policies| 8.2.2. Refund policies| 8.2.3. Change web hosting plan| 8.2.4. Minimum order value| 9.1.1. Terms and conditions| 10.1.2. About us| 10.1.2. | 11.1.3. Newsletter Application| 11.2.1. Dashboard| 11.2.2. Subscribers| 11.2.3. Campains| 11.2.4. Email Builder| 11.2.5. Forms| 11.2.6. Forms Builder| 11.2.7. Subscribers Management| 11.2.8. Integrate a custom subscription form using webdo website builder| 12.1.1. Survey Application| 12.2.1. Dashboard| 12.2.2. Add/Edit survey| 12.2.3. Settings| 12.2.4. Campaigns| 12.2.5. Reports| 12.2.6. Survey preview| 12.2.7. Page jumps| 12.2.8. Question types| 13.1.1. E-Detailing Application| 13.2.1. Dashboard| 13.2.2. Presentations| 13.2.3. Campaigns| 13.2.4. Reports| 13.2.5. Templates|