• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

securitywing

How to install a new Godaddy SSL Wildcard Certificate

by wing

This post has been intended for the first time users who want to install GoDaddy SSL certificate in their website. The procedures described here should work well with Apache server and with Nginx.

Steps to take before installing GoDaddy SSL

To install a digital certificate, you must first generate and submit a Certificate Signing Request (CSR) to the Certification Authority (CA). The CSR contains your certificate-application information, including your public key. Use your Web server software to generate the CSR, which will also create your public/private key pair used for encrypting and decrypting secure transactions.

If you send a certification sending request for a domain hosted by Godaddy, you do not have to generate and submit CSR because GoDaddy will that for you.

Useful link: how to geneate as certificate singning request

Step 1:

To Generate CSRs in  NGINX  or Apache, follow the steps given below,

  1. Connect to your server via SSH
  2. Run the following command:

openssl req -new -newkey rsa:2048 -nodes -keyout your domain name.key -out your domain name.csr

Note: in the above command line, you need to replace the domain name with your domain name. For example, if your domain name is example.com, you can type example.key and example.csr.

The same procedure is valid if you want to install SSL in your Apache server.

You have to type the following information:

  • Common name
  • Organization
  • Organizational unit
  • City or locality
  • State or province
  • Country
  • Passphrase

Though passpharase is optional, you can use a passphrase to make your SSL protect against additional risks.

Step 2:

Open the CSR in a text editor and copy all of the text. The location of the CSR will be the location where you typed the openssl command to create the key. In the location you will find two files: one is yourdomain.key and another is yourdomain.csr. your private key will be yourdomain.key and you can rename it as per your requirements.

Step 3:

Log in to your Godaddy account. Click on SSL certificates and then click on ‘Manage’. Next click on the ‘View Status’. Click on ‘Manage’ and then click on “Re-Key certificate “Paste the full CSR into the SSL request area in your account and click on ‘SAVE’.

certificate signing request godaddy

Step 4:

Download the cert file and the bundle file from Godaddy and then upload it to the /etc/ssl/certs folder. Also you need to put the private key file in the /etc/ssl/private directory.

Step 5.

Make sure you mention the location of the cert and key files in config file of the web service that is installed in your webserver.

How to install a wildcard certificate in the second server without generating CSR

Scenario: You have installed your wildcard certificate in a server, and now want to add that cert in a second server.

At first,combine your certificate with your private key. Godaddy provides a gd_bungle certificate and a singed certificate. In cryptograpy, you can can combine a number of  certicate file into a single file using file archieve format known as PKCS12 or pfx .In order to create a pkcs12(pfx) cert file, you need to combine both the godaddy cert files into a single file.For example, you have two files–one is mycert.crt and another is gd_bundle.crt. To combine the  files, run the following commands  as shown below in your Linux machine

cat mycert.crt  gd_bundle.crt > combined.crt

To create pkcs12 file, you can use Ubuntu Linux or use https://www.sslshopper.com/ssl-converter.html. I used Ubuntu Linux because I  already had Ubuntu installed and it has a built in pkcs12 functionality.

Run the following command in to create your pkcs12 certificate
openssl pkcs12 -export -in  combined.crt -inkey  mykey.key  -out smsvpncert.p12

To check the pkcs12 certificate:
openssl pkcs12 -info -in  smsvpncert.p12

Next go to https://certs.godaddy.com/repository and download the
gd_intermediate.crt (pem) file from GoDaddy Certificate Chain

Then, install this gd_intermediate.crt (pem) file in the ASDM  CA.

Finally, click on identify certificate in the ASA, and then select pkcs12 file that you generate in Ubuntu.
type the passphrase that you created with the p12 file. and install the certificate.

To apply the certificate, go to device management and then click on Advanced and then ssl settings.
click on edit button of outside interface and select the identity certificate that you created earlier.

If you have any questions and thoughts about wildcard SSL certification, please share your feedback with us.

 

Related posts:

  1. How to Renew Self-Signed SSL Certificate with OpenSSL Tool in Linux
  2. How to Setup SSL in AWS application load balancer for WordPress
  3. WordPress Security Best Practices
  4. Yahoo Mail Security Settings:How to Protect Your Account

Filed Under: Internet Security and Safety Tagged With: SSL

Primary Sidebar

Please help us sharing

Categories

  • AWS
  • Basics
  • Containers
  • Cryptocurrency
  • Cyber
  • Internet Security and Safety
  • IS Audit
  • IT Security Exams
  • Law & Human Rights
  • Network Security Tips
  • Off Track
  • Social Media Governance
  • Tech Comparisons
  • Tech Stack Suitability
  • Telecom
  • Tutorial

CISSP Sample Test

Take a CISSP Sample Test

CISA Sample Test

CISA IT governance Sample test

Please Follow Us

Contact us for Ads

Go to Contact Form

Search

Footer

Copyrights

Protected by Copyscape Duplicate Content Detection Software

Securitywing.com reserves the copyrights of all of its published articles.No contents of this site is permitted to be published to anywhere else in the Internet.If any contents are found in any other websites, securitywing reserves the rights to file a DMCA complaint. But you have the right to use the link of any relevant article of this site to point from your website if you consider that it might improve the quality of your article.

Tags

audit AWS backup basics browser check cisco cloud computer configuration cyber data database email gmail hsrp ids iis informaiton internet kubernetes linux load balancing malware microsoft network protection redundancy risk router security security tips server social media SSL switch test tools vpn vrrp web webserver website windows wordpress

Copyright © 2010-2025 ·All Rights Reserved · SecurityWing.com