{"id":2018,"date":"2018-11-04T15:07:51","date_gmt":"2018-11-04T15:07:51","guid":{"rendered":"http:\/\/elbsolutions.com\/projects\/?p=2018"},"modified":"2022-02-03T11:24:27","modified_gmt":"2022-02-03T17:24:27","slug":"notes-about-installing-ssl-the-long-and-hard-way","status":"publish","type":"post","link":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/","title":{"rendered":"Notes about installing SSL the long and hard way"},"content":{"rendered":"<p>Now GoDaddy offers experts to install your SSL for you and do audits etc. This means things are getting serious on the net and the news on the radio supports that.\u00a0 But I thought, why is there so much difficulty in installing SSL? Well, it isn&#8217;t that difficult but there are a lot of things to know &#8211; that is likely what it is all about.<\/p>\n<p>My challenge to myself is that if we generate a CSR on one computer (in this case unix) &#8211; how do we get it to a whole different platform (in this case windows IIS)? The process is not hard, it is the research to understand it all. Now I have it here for reference for future endeavours.<!--more--><\/p>\n<ul>\n<li>format an SSD card<\/li>\n<li>unix $:\u00a0openssl req -new -newkey rsa:2048 -nodes -keyout \\path\\to\\ssd\\card\\mydomain.com.key \\path\\to\\ssd\\card\\mydomain.csr\n<ul>\n<li>this makes a private key (.key file) and a certificate security request<\/li>\n<\/ul>\n<\/li>\n<li>go to GoDaddy &#8211; this is the first thing they ask for<\/li>\n<li>when you get an email STAY ON THE COMPUTER WITH THE PRIVATE KEY as we need the private key to eventually be on the server need SSL served from<\/li>\n<li>download the info in IIS format to the ssd card (that is a pulldown) and it gives you\n<ul>\n<li>certificate (.cer file) they give you\u00a0 (lets call this godaddy.cer)<\/li>\n<li>intermediate certificate (lets call this godaddy.p7b<\/li>\n<li><span style=\"text-decoration: underline;\">but<\/span>\u00a0this zip file contains NO private key &#8230; and you need that private key<\/li>\n<\/ul>\n<\/li>\n<li>if you are bored &#8211; you can open up all these files &#8211; they are all text files. Look at the first row and you will see most of them are different from each other.<\/li>\n<li>Next, from an <a href=\"https:\/\/nickstips.wordpress.com\/2010\/09\/08\/sql-ssl-and-sql-server-2008-creating-the-certificate\/\">ancient web article<\/a> and <a href=\"https:\/\/www.ssl.com\/how-to\/create-a-pfx-p12-certificate-file-using-openssl\/\">a modern one<\/a> &#8211; to easily import all the certificates into Windows IIS, windows requires an &#8220;import&#8221; of the downloaded files WITH the private key and Windows does this with a .pfx file. This pfx (a binary format) contains the intermediate and private keys once is is generated. You can do all this with openssl\n<ul>\n<li>first convert the p7b file into a certificate format that openssl can (<a href=\"https:\/\/www.ssl.com\/how-to\/create-a-pfx-p12-certificate-file-using-openssl\/\">same article<\/a>) use\n<ul>\n<li>\u00a0openssl pkcs7 -print_certs<br \/>\n-in \\path\\to\\ssd\\card\\godaddy.p7b<br \/>\n-out\u00a0\\path\\to\\ssd\\card\\godaddy.p7b.crt<\/li>\n<\/ul>\n<\/li>\n<li>openssl pkcs12<br \/>\n-export<br \/>\n-out \\path\\to\\ssd\\card\\certificate.pfx<br \/>\n-inkey \\path\\to\\ssd\\card\\mydomain.com.key<br \/>\n-in \\path\\to\\sdd\\card\\godaddy.cer<br \/>\n-certfile \\path\\to\\ssd\\card\\godaddy.p7b.crt<\/li>\n<\/ul>\n<\/li>\n<li>Now you will see a .pfx file which is binary &#8211; so you can&#8217;t copy\/paste it &#8211; it has to be a file transfer\n<ul>\n<li>upload it securely to your server and using the certificates mmc snap in &#8211; you IMPORT it.<\/li>\n<li>THEN go to IIS&#8217;s root and &#8220;complete&#8221; the remaining certificate ensuring you do NOT click the &#8220;exportable&#8221; options<\/li>\n<\/ul>\n<\/li>\n<li>Copy your SSD to another one<\/li>\n<li>Store them safely away<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Now GoDaddy offers experts to install your SSL for you and do audits etc. This means things are getting serious on the net and the news on the radio supports that.\u00a0 But I thought, why is there so much difficulty in installing SSL? Well, it isn&#8217;t that difficult but there are a lot of things [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2018","post","type-post","status-publish","format-standard","hentry","category-general"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Notes about installing SSL the long and hard way - ELB Solutions.com Inc.<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Notes about installing SSL the long and hard way - ELB Solutions.com Inc.\" \/>\n<meta property=\"og:description\" content=\"Now GoDaddy offers experts to install your SSL for you and do audits etc. This means things are getting serious on the net and the news on the radio supports that.\u00a0 But I thought, why is there so much difficulty in installing SSL? Well, it isn&#8217;t that difficult but there are a lot of things [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/\" \/>\n<meta property=\"og:site_name\" content=\"ELB Solutions.com Inc.\" \/>\n<meta property=\"article:published_time\" content=\"2018-11-04T15:07:51+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-02-03T17:24:27+00:00\" \/>\n<meta name=\"author\" content=\"Etienne Bley\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Etienne Bley\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/notes-about-installing-ssl-the-long-and-hard-way\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/notes-about-installing-ssl-the-long-and-hard-way\\\/\"},\"author\":{\"name\":\"Etienne Bley\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#\\\/schema\\\/person\\\/51e717c68f4f5917c63baf88f0896c39\"},\"headline\":\"Notes about installing SSL the long and hard way\",\"datePublished\":\"2018-11-04T15:07:51+00:00\",\"dateModified\":\"2022-02-03T17:24:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/notes-about-installing-ssl-the-long-and-hard-way\\\/\"},\"wordCount\":502,\"articleSection\":[\"General\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/notes-about-installing-ssl-the-long-and-hard-way\\\/\",\"url\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/notes-about-installing-ssl-the-long-and-hard-way\\\/\",\"name\":\"Notes about installing SSL the long and hard way - ELB Solutions.com Inc.\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#website\"},\"datePublished\":\"2018-11-04T15:07:51+00:00\",\"dateModified\":\"2022-02-03T17:24:27+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#\\\/schema\\\/person\\\/51e717c68f4f5917c63baf88f0896c39\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/notes-about-installing-ssl-the-long-and-hard-way\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/notes-about-installing-ssl-the-long-and-hard-way\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/notes-about-installing-ssl-the-long-and-hard-way\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Notes about installing SSL the long and hard way\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#website\",\"url\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/\",\"name\":\"ELB Solutions.com Inc.\",\"description\":\"Bringing all your IT Pieces together\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#\\\/schema\\\/person\\\/51e717c68f4f5917c63baf88f0896c39\",\"name\":\"Etienne Bley\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g\",\"caption\":\"Etienne Bley\"},\"url\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/author\\\/etienne-bley\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Notes about installing SSL the long and hard way - ELB Solutions.com Inc.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/","og_locale":"en_US","og_type":"article","og_title":"Notes about installing SSL the long and hard way - ELB Solutions.com Inc.","og_description":"Now GoDaddy offers experts to install your SSL for you and do audits etc. This means things are getting serious on the net and the news on the radio supports that.\u00a0 But I thought, why is there so much difficulty in installing SSL? Well, it isn&#8217;t that difficult but there are a lot of things [&hellip;]","og_url":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/","og_site_name":"ELB Solutions.com Inc.","article_published_time":"2018-11-04T15:07:51+00:00","article_modified_time":"2022-02-03T17:24:27+00:00","author":"Etienne Bley","twitter_misc":{"Written by":"Etienne Bley","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/#article","isPartOf":{"@id":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/"},"author":{"name":"Etienne Bley","@id":"https:\/\/elbsolutions.com\/projects\/#\/schema\/person\/51e717c68f4f5917c63baf88f0896c39"},"headline":"Notes about installing SSL the long and hard way","datePublished":"2018-11-04T15:07:51+00:00","dateModified":"2022-02-03T17:24:27+00:00","mainEntityOfPage":{"@id":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/"},"wordCount":502,"articleSection":["General"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/","url":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/","name":"Notes about installing SSL the long and hard way - ELB Solutions.com Inc.","isPartOf":{"@id":"https:\/\/elbsolutions.com\/projects\/#website"},"datePublished":"2018-11-04T15:07:51+00:00","dateModified":"2022-02-03T17:24:27+00:00","author":{"@id":"https:\/\/elbsolutions.com\/projects\/#\/schema\/person\/51e717c68f4f5917c63baf88f0896c39"},"breadcrumb":{"@id":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/elbsolutions.com\/projects\/notes-about-installing-ssl-the-long-and-hard-way\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/elbsolutions.com\/projects\/"},{"@type":"ListItem","position":2,"name":"Notes about installing SSL the long and hard way"}]},{"@type":"WebSite","@id":"https:\/\/elbsolutions.com\/projects\/#website","url":"https:\/\/elbsolutions.com\/projects\/","name":"ELB Solutions.com Inc.","description":"Bringing all your IT Pieces together","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/elbsolutions.com\/projects\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/elbsolutions.com\/projects\/#\/schema\/person\/51e717c68f4f5917c63baf88f0896c39","name":"Etienne Bley","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g","caption":"Etienne Bley"},"url":"https:\/\/elbsolutions.com\/projects\/author\/etienne-bley\/"}]}},"_links":{"self":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts\/2018","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/comments?post=2018"}],"version-history":[{"count":1,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts\/2018\/revisions"}],"predecessor-version":[{"id":2019,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts\/2018\/revisions\/2019"}],"wp:attachment":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/media?parent=2018"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/categories?post=2018"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/tags?post=2018"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}