About SSL Certificate

Secure Socket Layer(SSL) provides secure, encrypted communications between a server and client. A website with an SSL certificate is considered safe. Generally, The most important reason for e-commerce sites to be preferred by users is whether they are secure.

The Http protocol has been used for many years to provide communication in the Internet world. But http is not very secure and has turned into HTTPS over time. Https is a protocol used to secure data exchange on network. This protocol in order to provide security performs an encrypted connection with SSL / TLS.

How Can You Purchase SSL Certificate?

If you want to use SSL features, you must obtain an SSL Certificate. This certificate can either be purchased or can be obtained for free from the hosting companies used.

The use of SSL certificate varies based on your need and different types of Certificates. it may vary depending on the browser you are using or the web server software. So you will need to obtain an SSL certificate by looking at the requirements and compatibility parameters.

Questions that needed to be answered before purchasing a certificate are as below.

For Which of Your Domains You Should Purchase A Certificate?

Before purchasing a certificate you need to make a decision about whether it will be for a domain name or more than one domain. Proceeding before making a decision about this may put you in a trouble in the upcoming steps later. Since you might realize later that you need to purchase or change the type of certificate you have.

What Kind of Certificate Should Be Taken?

Once you answered to the previous question and decided about the single or multiple domains to proceed with you must THEN answer to the question of what type of certificate should be taken. Browsing the Internet, you will encounter more than one type of certificate. You should choose the one that best suits you.The SSL certificate types will be described in the next section.

How Do I Purchase It?

The most known sites you can get an SSL certificate are rapidssl, digicert, globalsign, godady. The SSL certificate types offered in each of these companies are different, and the most commonly used and most commonly cited certificate types are as follows:

  • Wildcard SSL f Certificate: “Wildcard SSL Certificate” is a type of certificate that can be used for all of the subdomains of a certain domain. Wildcard SSL also supports Sub-names of the domain. For example; www.yourdomain.net, yourdomain.net, admin.yourdomain.com, *.yourdomain.net .This type of certificate is supported by all browsers such as Internet Explorer, Mozilla, Chrome. Wildcard is the type of certificate which is ideal for e-commerce and sites requiring a secure login.

 

  • SAN supported SSL: Certificates are generally purchased for a hostname (main domain). However, there is another type of certificate which supports more than a domain name and its called SAN. SAN-hosted certificates may vary in hostname permissions. It will be wise to obtain a SAN-supported SSL certificate after you have decided about the number of domains to be served and the type of service you will be serving.
  • Code Signing SSL Certificate:The code signing certificate usually is used by software developers and they digitally sign aps and other software to verify the end-users that the code they are receiving hasn’t been altered or compromised by a third party.If you want to request an SSL certificate for your own server or a code/driver, you need to create a certificate signing request (CSR). This defines both the server that will use your certificate and the domain names (known names) that you will use for SSL certificates.
  • Other type of SSL Certificates: There are also Domain SSL, Extended SSL and Organization SSL certificate types.

Domain SSL: An SSL certificate service that can be used to protect and secure only a domain name. Single or multiple domain options are also available depending on your need.

Organization Validated SSL: Organization Validated  SSL is the type of SSL Certificate that turns the browser’s address bar entirely green, or displays the name of your organization alongside a green lock.

Extended SSL: Extended SSL is the type of certificate service that has more credibility than Domain SSL. The green branded address bar is the most highly recognizable sign of an EV-secured webpage. It shows visitors your website is a safe place to enter their sensitive data.

Above we described different types of certificates you can purchase. Here we are going to explain the procedures for purchasing an SSL certificate from Godady.com.

GODADY Purchase SSL Certificate

  1. First, open https://www.godaddy.com/
  2. Menu> Web Security> SSL Certificates steps should be followed through the main screen

3. Considering types of certificates described above you need to choose the right type of certificate to purchase and then fill out the required billing information and complete the certificate acquisition process.

4. Then from the Manage menu on the Home page(My Products> SSL Certificates), you can download your SSL certificate.

5. After clicking on the Download button, you will be able to download your SSL certificate code by selecting the operating system of your server.

 

 

Note: Since the platform running on our servers is nginx, Other should be selected in this step. nginx should also be selected if available when getting the certificate from a different supplier.
Important Note: If a different option is selected, generated code can be downloaded as .PFX  file or with a different file extension. In any of  these cases, you can use OpenSSL in Linux distributions to generate Medianova Panel compatible certificate(.crt). Furthermore, in Windows operating systems you can perform this operation using IIS server.

 

6. Once you have successfully completed the SSL Certificate purchasing process, the digital code you will obtain, is as follows.

The code given below is compatible with Medianova Panel.

Sample of proper SSL Certificate Code For Medianova Customer Panel:

CRT Code

-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIQV2I0psJl3hFuYbLjocCIuzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSUmFwaWRTU0wgU0hBMjU2IENBMB4XDTE3MTAxNzAwMDAwMFoXDTE4MTAxNjIzNTk1OVowFTETMBEGA1UEAwwKYy4xdjF5Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALii0lU32Elfzu0lZPOzb8mHBFTplcDjHBnvm6ZUf6ByfW4/8T7SxnxBuyb3HY3DwcKegJr8t14AJ3WurNscEMYP0t3pnWVSJLfD/KtgLaZEDmLHYiMasaalkfnSKLdlkCjjYggd56dawidwYzQrtsawd65dadQ ......
-----END CERTIFICATE-----

INTERMEDIATE Code

-----BEGIN CERTIFICATE-----
MIIETTCCAzWgAwIBAgIDAjpxMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9iYWwgQ0EwHhcNMTMxMjExMjM0NTUxWhcNMjIwNTIwMjM0NTUxWjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSUmFwaWRTU0wg....
-----END CERTIFICATE-----

ROOT Code

-----BEGIN CERTIFICATE-----
QKLSDALJSWdlksASDmWD6WjdD9dlaljdsa/YWwgQ0EwHhcNMTMxMjExMjM0NTUxWhcNMjIwNTIwMjM0NTUxWjBCMQswCQYDVQQG
EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSUmFwaWRTU0wg.... 
-----END CERTIFICATE-----

SSL Key Code

-----BEGIN PRIVATE KEY-----MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC4otJVN9hJX87tJWTzs2/JhwRU6ZXA4xwsadasdqA66Qwddq4dWEQQ4412DadasZ75umVH+gcn1uP/E0sZ8Qbvsm9x2N/g8HCnoCa/LdeACd1rqzbHBDGD9Ld6Z1lUiS3w/yrYC2mRA5ix2IruydqeM+wjTJENQ/a1R1yOobX30GnjQeyR9gJZ6Y/qiLei1kR5bYjOrqcvGpKa0SCrC3ijk55jGPD1H2dUO52iK7pj-----END PRIVATE KEY-----

After finishing mentioned steps,you need to follow the described procedure below:

Certificate activation through Medianova Panel

  1. Log in to MedianovaCDN account.

If the 2-FA feature is active, the corresponding field should be filled. If the 2-FA feature is disabled, leave the field is empty.

On the left side of your screen, from the navigation bar, click on Zones.

After clicking on Zones, a list of all the Zones you have created so far will be shown. After choosing the right zone you are wishing to activate SSL certificate for, click on Manage and then SSL.

Medinova SSL service provides two different options to establish a secure connection between MedianovaCDN and your origin server. Shared SSL and SNI.

Shared SSL is also available if you want to use Medianova SSL certificate for your own domains and hereby you dont need to obtain an SSL certificate.

Click on SNI on the screen to activate the SSL certificate.  As mentioned earlier, CRT, Intermediate, and Root codes should be  inserted in the following order, including Begin-end blocks, without spaces between them in the SSL Certificate field.

After completing Step 1, click the SSL Key field and add SSL Key code including the begin-end blocks as explained above.

 

If your SSL certificate does contain a password, entering the Passphrase field to complete the SSL activation process might be required.
It is important for certificate codes to have the correct sequence and space between them.  Otherwise, Activation process can’t be completed. It’s also necessary to insert codes without any missing part in order to be able to browse them from various browsers.
You must have a .crt extension to activate your certificate on our panel. If you have a .pfx certificate code, you can click on the link to learn how to convert it to .crt. https://docs.medianova.com/crt-and-key-code-generation-operation/