Requesting Signed SSL Certificate from Certificate Authority

You have an option to partially automate the procedure of issuing an SSL Certificate signing request to a Certificate Authority.

To generate the necessary data for an SSL Certificate request, perform these steps:

1. On the Account tab, click Account Settings > More Tools > SSL Certificates.
2. Click the Create Certificate Signing Request button. The wizard starts.
3. From the Bits field, select the size of the Private key to be requested (2048 or 4096 bit). The Key type is a fixed value (RSA, which corresponds to the Private key type).
4. In the Country, State/Province and Location (City) fields, specify the required address information.
5. In the Organization name and Organization Unit name fields, specify the name of your company and department requesting the Certificate (the Organization Unit name field is optional).
6. In the Common name field, specify the name of the domain you wish to obtain a Certificate for.

   On Apache web hosting, once you obtain a Certificate for a domain, it works for all other domains registered on the same Webspace.

   Note: If the given domain has the www prefix enabled, you must set up your Certificate for a domain name which includes the www prefix (for example, www.example.com). If you register a Certificate for a domain name without the prefix (for example, example.com), the site visitors will receive warning messages when trying to access the domain with the www prefix.

7. In the E-mail field, specify your email address. This field appears pre-filled with the email address specified for your account in CloudBlue Commerce.
8. Click Next.
9. On the next screen, review the information specified in the request.
10. Download both CloudBlue Commerce-generated requests – for an SSL Certificate and for Private key – to your computer using the Download links opposite the Certificate signing request and Private key signing request options.
11. If you wish to save the un-signed Private key in your User Repository, leave the Store private key in repository check box selected. If you do not wish to store the un-signed key, clear the check box.
12. Click Close to close the window.
13. Open your email client program; compose and send an email to the desired Certification Authority, with the downloaded requests for an SSL Certificate and Private key attached to the message.

Having obtained the signed Certificate and Private key, you can either upload them to your User Repository or install them directly on the desired Webspace or website as described:

• For Apache web hosting – in section Enabling SSL on Apache Webspace with Exclusive IP Address