Changes

These instructions have been placed here as a DRAFT document which needs editing, tidying up & correcting where & if necessary. This is a work in progress.

These instructions have been placed here as a DRAFT document which needs editing, tidying up & correcting where & if necessary. This is a work in progress.

Go to a shell prompt on your SME server, and get into a familiar location, such as /home/e-smith.

Go to a shell prompt on your SME server, and get into a familiar location, such as /home/e-smith.

Generate a 2048-bit RSA Private key, because as processing power of computers increases, 1024-bit private keys will be broken by the end of 2011 – in one month’s time! Run this command:  

Generate a 2048-bit RSA Private key. 1024-bit private keys are not supported after 2011 because as processing power of computers increases so does the need for stronger keys.

 

 

* Common Name: The fully-qualified domain name, or URL, you're securing. If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com.

* Organization: The legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor's name.

* City or Locality: Name of the city where your organization is registered/located. Do not abbreviate.

* State or Province: Name of the state or province where your organization is located. Do not abbreviate.

 

When you are ready, run this command:  

  openssl req -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

  openssl req -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

If your server (like mine) has no GUI, use scp to copy these 2 files to another location, the same location you will use to access your account at godaddy.com website. Otherwise, use any filemanager to locate the 2 files, and open the yourdomain.csr file.

If your server (like mine) has no GUI, use scp to copy these 2 files to another location, the same location you will use to access your account at godaddy.com website. Otherwise, use any filemanager to locate the 2 files, and open the yourdomain.csr file.

In your godaddy account, Click on Certificates, and when your certificate is listed, select it. The menus at the top should now become active. Click on Re-key.

In your godaddy account, Click on Certificates, and your certificate(s) is presented in a list. Click on "View Status"

 

 

For a new certificate, a dialog box opens with an entry box to paste in the contents of yourdomain.csr file. Be sure to select GoDaddy as your Certificate Issuing Organization, before clicking on the black Re-Key button at the bottom.

 

A new certificate will be created for your domain. Select it using the checkbox, and click on Download. Your browser should download a zip file, same name as your domain.  

 

In the dialog box that opens, paste in the contents of yourdomain.csr file. Be sure to select GoDaddy as your Certificate Issuing Organization, before clicking on the black Re-Key button at the bottom.  

A new page opens and there are button images at the top. Click on "Download" and a zip file will be downloaded to your system. In the zip are two files. You need both of these file on your server.

A new certificate will be created for your domain. Select it using the checkbox, and click on Download. Your browser should download a zip file, same name as your domain. Save this to the desktop, or anywhere you can easily trace it when you get back to the commandline shell. The download will include 2 files: gd_bundle.crt and yourdomain.crt.

Save the zip file to the desktop, or anywhere you can easily trace it when you get back to the commandline shell. The download will include 2 files: gd_bundle.crt and yourdomain.crt.

  Extract these into folder named CERT (folder name is optional, does not have to be very specific).

  Extract these into folder named CERT (folder name is optional, does not have to be very specific).