Linux: Generate SSL CSR Key with Apache Linux

Oops.. It is been a while MGe disappeared and here I come back again after long holiday for blogging. ūüôā

This article used to guide you to create the CSR(Certificate Signing Request) from your Apache machine.

Web Server: Linux
Web Service: Apache

1. First of all, you will need to create a key pair.

openssl genrsa -out www.yourdomain-example.com.key 2048

– Replace the mickgenie.com with your domain name.
– The number of 2048 used to determined the bit-length of your certificate, where you are advise to have 2048 and above.

2. You will be asking for the pass phrase and you may enter any strong password.

3.  Next, you will need to generate the CSR.

openssl req -new -key www.mickgenie.com.key -out www.mickgenie.com.csr

Next, you will be asking for Country Name, State or Province, Locality or City, Company, Organizational Unit, Common Name and Email Address.

4. Get your CSR and purchase the SSL from SSL provider.

cPanel: How to install SSL with PFX file

If you wish to install exported SSL with .pfx file to your cPanel server. You may refer to the following step.

Assume, you have a file named domain.pfx.

1. Export the key file,

openssl pkcs12 -in domain.pfx -nocerts -out domain.key

2. Export the decrypted key file,

openssl rsa -in domain.key -out domain.decrypted.key

3. Export the Certificate, crt file,

 openssl pkcs12 -in domain.pfx -clcerts -nokeys -out domain.crt

4. Export the Ca Bundle file,

openssl pkcs12 -in domain.pfx -cacerts -nokeys -out cabundle.pem

5. You may now install your SSL through WHM.

cPanel: How to export SSL from cPanel

With cPanel control panel, they do not provide any tool to export the SSL certificate. To done this, you may easily get the SSL export with Linux command through SSH.

To get this done, you may access to SSH through Terminal to Putty.
1. First of all, you need to ensure that you have the root access. Otherwise, contact the server administrator.
2. Log into the SSH.
3. Run the following command and replace the domain_name with your domain name such as mickgenie.com,

# openssl pkcs12 -export -out /backup/domain_name.pfx -inkey /etc/ssl/private/domain_name.key -in /etc/ssl/certs/domain_name.crt

cPanel: Assigned dedicated IP to subdomain

You might want to assign dedicated IP to your subdomain for some reason such as apply SSL to your subdomain.

If you are using cPanel and wish to set dedicated IP to your subdomain, you will find no else where to do that.

However, this could still be able to fix as this article.

Scenario,
– You have domain domain.com and subdomain blog.domain.com.
– You wish to set dedicated IP for blog.domain.com which originally 100.100.100.100 and result as blog.domain.com resolve to 10.0.0.1.

Continue reading cPanel: Assigned dedicated IP to subdomain

Redirect SSL Secured page from ASP.Net

As you know, you may easily force your site fully running SSL from your site but this will causing your site loading slowly as it is running encryption for your site.

Now, you may use the following script to apply your script to use SSL and you may apply this to your Page_Load function.

Dim strURL As String = Request.Url.ToString()
If Request.IsSecureConnection Then
    If strURL.IndexOf("http:") > -1 Then
    strURL = strURL.Replace("http:", "https:")
    Response.Redirect(strURL)
    End If
Else
    If strURL.IndexOf("https:") > -1 Then
    strURL = strURL.Replace("https:", "http:")
    Response.Redirect(strURL)
    End If
End If

SSL – Country Code not valid

When you submit your SSL enrollment process, you might get the error of ,

Country Code not valid

With the above error, you might not use the 2 digit country code with standard of ISO 3166.

The common mistake is using UK for England as known as United Kingdom, but you should use GB which Great Britain.

However, you may refer to the full 2 digit country code as URL below.
ISO 1366 Standard Country Code

http://www.iso.org/iso/country_codes/iso_3166_code_lists/english_country_names_and_code_elements.htmIS

aSSL: Add SSL to your Ajax application

The central ingredient of Web 2.0 web applications is Ajax. There is not security weakness in Ajax itself, but adaptation of this technology has changed the Web application development approach.

aSSL, or Ajax Secure Service Layer, is an open source library designed to substitute the need for Secure Socket Layer (SSL) in Ajax web-applications. In a nutshell, aSSL enables the browser to negotiate a secret random 128-bit key with the server using the RSA algorithm. Once a connection is established, the transmitted data will be encrypted using the AES encryption algorithm.

The aSSL library lets web developers to send data safely over the Internet when SSL is not available, or not needed. aSSL is designed for Ajax developers and includes both client and server-side code. aSSL should be be used in non-critical web applications such as chats, blogs and so on.