SSL: Do I need to create a new CSR to renew my ssl certificate?

Many user might ask do I need to regenerate the CSR key when I need to renew my SSL certificate.

In many Apache server do allow you to install your SSL with your previous CSR key unless  you have change the SSL information.

However, the following server is needed to regenerate the CSR key when you renew it,

– Microsoft IIS Server
– Java based server
– Tomcat based server

cPanel: How to export SSL from cPanel

With cPanel control panel, they do not provide any tool to export the SSL certificate. To done this, you may easily get the SSL export with Linux command through SSH.

To get this done, you may access to SSH through Terminal to Putty.
1. First of all, you need to ensure that you have the root access. Otherwise, contact the server administrator.
2. Log into the SSH.
3. Run the following command and replace the domain_name with your domain name such as mickgenie.com,

# openssl pkcs12 -export -out /backup/domain_name.pfx -inkey /etc/ssl/private/domain_name.key -in /etc/ssl/certs/domain_name.crt

Creating SSL MySQL from Linux

SSL certificate always used to encrypted the data file and it is actually supported for database as well.

Today, I will guide you on how to create SSL for MySQL. With this article, I will use OpenSSL as an example.

Please refer to the following command line.
======================
# Create clean environment
shell> rm -rf newcerts
shell> mkdir newcerts && cd newcerts

# Create CA certificate
shell> openssl genrsa 2048 > ca-key.pem
shell> openssl req -new -x509 -nodes -days 1000 \
-key ca-key.pem > ca-cert.pem

# Create server certificate
shell> openssl req -newkey rsa:2048 -days 1000 \
-nodes -keyout server-key.pem > server-req.pem
shell> openssl x509 -req -in server-req.pem -days 1000 \
-CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem

# Create client certificate
shell> openssl req -newkey rsa:2048 -days 1000 \
-nodes -keyout client-key.pem > client-req.pem
shell> openssl x509 -req -in client-req.pem -days 1000 \
-CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > client-cert.pem
======================

# Create clean environment
shell&gt; <strong class="userinput"><code>rm -rf newcerts</code></strong>
shell&gt; <strong class="userinput"><code>mkdir newcerts &amp;&amp; cd newcerts</code></strong>

# Create CA certificate
shell&gt; <strong class="userinput"><code>openssl genrsa 2048 &gt; ca-key.pem</code></strong>
shell&gt; <strong class="userinput"><code>openssl req -new -x509 -nodes -days 1000 \</code></strong>
         <strong class="userinput"><code>-key ca-key.pem &gt; ca-cert.pem</code></strong>

# Create server certificate
shell&gt; <strong class="userinput"><code>openssl req -newkey rsa:2048 -days 1000 \</code></strong>
         <strong class="userinput"><code>-nodes -keyout server-key.pem &gt; server-req.pem</code></strong>
shell&gt; <strong class="userinput"><code>openssl x509 -req -in server-req.pem -days 1000 \</code></strong>
         <strong class="userinput"><code>-CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 &gt; server-cert.pem</code></strong>

# Create client certificate
shell&gt; <strong class="userinput"><code>openssl req -newkey rsa:2048 -days 1000 \</code></strong>
         <strong class="userinput"><code>-nodes -keyout client-key.pem &gt; client-req.pem</code></strong>
shell&gt; <strong class="userinput"><code>openssl x509 -req -in client-req.pem -days 1000 \</code></strong>
         <strong class="userinput"><code>-CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 &gt; client-cert.pem</code></strong>

Create IIS FTP Over SSL(FTPS)

To create FTP Over SSL, you will need to have at least IIS 7.0 and above with IIS 7.0 installed.

You may refer to the URL as below on how to create IIS FTP.
http://www.mickgenie.com/how-to-install-iis-ftp-7-5/

To get FTP over SSL, you will need to install SSL Certificate on your Web Engine (IIS). To get the SSL Certificate, you may purchase the SSL from CA(Certificate authority), alternatively, you may install Self Signed SSL.

1. Click on the Server Certificates from your IIS 7.x. Continue reading Create IIS FTP Over SSL(FTPS)

Install SSL through Shell

Today, I’m about to guide you how to install the SSL key and it will a bit tricky compare to generate the SSL CSR key.

To install the SSL key through Shell, refer to the step as below.
1. Go to path /usr/share/ssl/certs.
$ [email protected][/]# cd /usr/share/ssl/certs
2. Check if the domain.com.csr and domain.com.cabundle existed, else create them and enter the code.
3. Go to path /usr/share/ssl/private.
$ [email protected][/]# cd /usr/share/ssl/private Continue reading Install SSL through Shell

Create SSL certificate in Shell

SSL certificate is one of the digital encryption with full name of Secure Sockets Layer.

Many webmaster use SSL to encrypt their important information such as payment information, etc.

Before you proceed to create the CSR key for SSL, you need the information as below.

  • Domain name of Certificate
  • Country Code
  • State
  • City
  • Company Name
  • Company Division
  • Email Address of the Certificate
  • Password for the certificate

Run the following command from Shell. Continue reading Create SSL certificate in Shell