Westhost Logo

Knowledgebase

KnowledgebaseApplications

Search Articles

Categories

  • Domains
  • Email Hosting
  • Web Hosting
  • WordPress Hosting
  • Website Builder
  • StarterSite
  • Account & Billing
  • Cloud/VPS
    • Dedicated Servers
    Technical Support
    Applications
    Contact Us
    PHP Upgrade

    Help

    Check service status
    Chat with a support agent
    Create a ticket
    Send an email
    Back to Applications

    What Is OpenSSL


    OpenSSL allows you to secure your site providing encryption for customers who place orders or submit information through your site. Open SSL is a free solution for providing an SSL connection to your site. Installing Open SSL for your account will generate a certificate that you can use as an unsigned, untrusted secure certificate, or you can use that to create a trusted certificate through a certificate authority such as GeoTrust or RapidSSL.

    Installing OpenSSL

    For installation instructions, please click here.

    Using OpenSSL

    Once you have installed OpenSSL on your account, 3 files will automatically be created on the server which are located where you specified the paths during installation. If you did not change the default paths, they will be:

    • SSL CSR: /usr/local/apache/conf/ssl.csr/server.CSR
    • SSL KEY: /usr/local/apache/conf/ssl.key/server.key
    • SSL CRT: /usr/local/apache/conf/ssl.crt/server.CRT

    By default, an unsigned and untrusted (yet still encrypted) certificate is created. You will need to work with a Secure Certificate Provider to install a signed and trusted certificate on your account. Below is a general guide on how to do this:

    1. Download the SSL CSR from the server.
    2. Once you have a copy of this file, you will need to give it to the Secure Certificate Provider so that they can generate a signed and trusted SSL CRT file for you.
    3. Once the Secure Certificate Provider has given you the SSL CRT file, you will need to upload it to the server, overwriting the existing server.crt file. By default, Apache will expect the CRT file to be located in /etc/httpd/conf/ssl.crt/. It will also expect it to be named server.crt.
    4. If your Secure Certificate Provider is not a root SSL provider, they will provide you with a chain file as well. The Chain file must be uploaded to the server. By default Apache will be expecting the Chain File to be located in /etc/httpd/conf/ssl.crt/ and named ca. crt. Once the  Chain File is in place, the SSL configuration will need to be modified to enable the use of that file. The SSL configuration file is located in /etc/httpd/conf.d/ and is named ssl. conf. Within this file, there is an SSLCertificateChainFile directive. This line must be un-commented and the change must be saved.
    5. You will need to restart your account to activate the new SSL CRT file and any other changes made.

    If you have further questions about OpenSSL and its use, we would recommend you refer to help resources at http://www.openssl.org/.

    We want to make sure that your experience with us is as good as it possibly can be. With that in mind, we hope you understand that we also have limitations in resources that prevent us from being able to support third-party software (as complex as this) as well as you may need it to be. This is why we ask you to use the above reference for troubleshooting any problems you may have and then, if appropriate, contact us for help in fixing the problem.



    Related Articles

    How To Activate SSL In OSCommerce
    How To Reset My OSCommerce Password
    What Is OSCommerce
    How To Reset My Drupal Password
    What Is Drupal

    Can’t Find what you need?

    No worries, Our experts are here to help.

    Check service statusCreate a ticketChat with a support agent