We can install and distribute SSL certificates supplied by third-party companies onto our infrastructure for you.
What We Need:
To install an external SSL, we must be provided with two files:
- private key file (domain.co.uk.key)
- public and intermediate certificate (domain.co.uk.pem)
The key file should contain only the private key; it should look something like this:
-----BEGIN RSA PRIVATE KEY-----
.
.
.
A BUNCH OF CHARACTER THAT MAKES UP THE PRIVATE KEY
THIS WILL BE AROUND 30 LINES LONG
.
.
.
-----END RSA PRIVATE KEY-----
The PEM file should contain the public certificate and the intermediate certificate; this will look like this:
-----BEGIN CERTIFICATE-----
.
.
.
PULBIC CERTIFICATE FOR THE DOMAIN
.
.
.
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
.
.
.
INTERMEDIATE CERTIFICATE FOR THE DOMAIN
.
.
.
-----END CERTIFICATE-----
Transferring the Files to HA:
These need to be supplied to us in a secure manner so that the private key is never at risk of becoming compromised. Specifically, this means files cannot be sent in plain text in an email or support ticket.
We recommend putting the files into a secure location on a server we provide, which we can then retrieve. Alternatively, if you use a trusted online storage provider that you can securely provide one of our agents access to, you may choose to use this.
Finally:
Once all the above is done we will distribute the certificate to any system that you require, then store an encrypted copy of the certificate on a private git server.
An Alternative:
If you are unable to complete all the necessary steps for supplying a third-party SSL, then you might benefit from our Managed SSL solution. You just tell us what domain you need to secure, and we'll do all the work for you. As part of this, we will also send you a reminder 30 days before the certificate expires and, if needed, handle the renewal process for you. For more info on this, please see this article.
0 Comments