• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
sharadchhetri.com

sharadchhetri.com

Linux,Cloud Computing And DevOps

  • Home
  • Linux
  • CloudComputing
    • Introduction Cloud Computing
    • Amazon AWS
  • Free E-Books
  • About Me

Create DV SSL Certificate and approve from CA authority

May 6, 2015 by Sharad Chhetri Leave a Comment

Domain Validated (DV) SSL Certificate are encryption only certificates commonly used by many websites. To validate the DV SSL Certificate no paperwork is required and this can be validated either by email or phone call . That is the reason you can quickly obtain the DV SSL certificate.

Advantage of DV SSL

1. Fast Approval Process : Because of no company paperwork and can be validate only via email or phone call, approval is faster.

2. Low Price : As compared to other SSL type (like EV, wildcard, UCC) the price is lower for DV SSL certificate.

Disadvantage of DV SSL

Domain validated certificates do not validate the company authenticity hence anyone can get this very easily. It only helps in encryption . In case if your website deals in money related transaction the aware potential visitors will scared to use your website, in that case EV SSL will be very useful.

Create DV SSL Certificate and approve from CA authority

The Certificate Signing request CSR key is generated in server , it includes many information about organisation/company.
In this section we will first create CSR and private key inside server. For this we will use OpenSSL utility.

Install OpenSSL in your system first.

## In Red Hat / CentOS
yum install openssl openssl-devel

## In Debian/Ubuntu
sudo apt-get install openssl libssl-dev

Now generate private and csr key with RSA 2048 bit. Replace myserver.key and myserver.csr as per your desired name of keys.

NOTE: At present it is important to use SHA2 because SHA1 is deprecated by many reputed web browser because of security reason (Reference Link).

Very Very Important : Keep the private key in safe place and do not miss it.

openssl req -nodes -newkey rsa:2048 -sha256 -keyout myserver.key -out myserver.csr

It will ask series of questions related to your Organisation, Department,location and contact email.At the end “challenge password” will be asked and generally we keep it blank.

Given below is sample reference from our system.

openssl req -nodes -newkey rsa:2048 -sha256 -keyout cloudbox.sharadchhetri.com.key -out cloudbox.sharadchhetri.com.csr
Generating a 2048 bit RSA private key
.....................................................................................+++
......+++
writing new private key to 'cloudbox.sharadchhetri.com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:Telangana
Locality Name (eg, city) []:Hyderabad
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sharadchhetri.com
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:sharadchhetri.com
Email Address []:admin@sharadchhetri.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

You will find two keys i.e private and CSR keys in your current location of system after generation. Below is our keys –

sharad@linuxworld:/tmp/test/ssl$ ls -l
total 8
-rw-rw-r-- 1 sharad sharad 1086 May  6 21:24 cloudbox.sharadchhetri.com.key
-rw-rw-r-- 1 sharad sharad 1704 May  6 21:24 cloudbox.sharadchhetri.com.csr
sharad@linuxworld:/tmp/test/ssl$

Apply DV SSL Certificates For Certificate Authority Approval

There are many vendors or domain registrars which provide the SSL Certificates . For this post, we will get DV SSL Certificates from NameCheap .

We have already bought the DV SSL Certificate and now we are going to apply for CA approval.

So we login into our NameCheap account

1. First we will activate SSL cert and apply for approval. Get the content of CSR key and paste it in Digital Certificate Form

SSL-CERT-1

2. Then select your approval email

SSL-CERT-2

3. Fill the contact information as per given field in order form.
SSL-CERT-3

In NameCheap you will see the flowchart of approval process.

SSL-CERT-5

4.Check your email, you will get ‘Validation Code’.

SSL-CERT-6

5. Use the ‘Validation Code’ to verify

SSL-CERT-7

6. Once the Validation code is verified, after a short time you will get compressed file with keys in your email.

SSL-CERT-9

Unzip the compressed file with keys which you received from CA. You will find crt files, which you can use in your web browser.

Below is reference of our keys.

unzip cloudbox_sharadchhetri_com.zip

Archive:  /home/sharad/chromedownload/cloudbox_sharadchhetri_com.zip
 extracting: AddTrustExternalCARoot.crt  
 extracting: COMODORSAAddTrustCA.crt  
 extracting: COMODORSADomainValidationSecureServerCA.crt  
 extracting: cloudbox_sharadchhetri_com.crt

Do'nt be greedy, share the knowledge!

  • Click to share on Facebook (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on Pinterest (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Pocket (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)

Related

Filed Under: Linux Tagged With: openssl, SSL Certificates

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Follow Us

  • Facebook
  • Twitter
  • GitHub
  • YouTube

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Handpicked Posts

  • terraform

    how to install terraform in Linux : CentOS-Ubuntu

  • docker image

    How to create Ubuntu docker base image

  • install ansible

    Install Ansible in Ubuntu 18.04 LTS with pip3

  • Install Ansible on Ubuntu / CentOS / RHEL

Top Posts & Pages

  • How to delete mail queue in Postfix
  • How to start / stop / restart / reload iptables on CentOS 7 / RHEL 7
  • How to setup Jenkins Credentials for Git repo access
  • How to install MySQL Server 5.6 on CentOS 7 / RHEL 7
  • How to set hostname and FQDN on CentOS 7 and RHEL 7
  • 4 different commands to check the load average in linux
  • How to fix read only USB pen drive in Ubuntu
  • How to find absolute path of command on Linux / Unix : which command
  • How to zip the directory in linux with command line
  • How to print particular line number by using sed command

Recent Posts

  • Install Docker on CentOS 7
  • Install and setup maven in Linux for Jenkins
  • How to setup Jenkins Credentials for Git repo access
  • How to manage Jenkins Credentials
  • Managing Jenkins plugins from command line and GUI

Footer

Sharad Chhetri is an experienced Linux - Cloud Engineer & freelancer. Working on Open Source Technology since RHEL 4.0 (Red Hat Enterprise Linux). He loves sharing the knowledge which earned from real scenarios. Don't be surprised if you find him in technology seminars and meetup groups. You can contact him on email for freelance projects at admin@sharadchhetri.com. Read More…

Help To Needy

If you like our posts and tutorials, please support/donate to ANY “Open Source Project” or do some Charity work. Hope this will make someone happy in this world. Drop me an email if you want to inspire others!

Thank You!

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Our GitHub Repo

sharadchhetri @ GitHub
  • scripts
    Cassandra Backup Script
    September 22, 2019 - 11:51 pm UTC
  • aws
    AWS related stuff like Cloudformation, python boto3 scripts etc.
    August 3, 2019 - 2:45 am UTC
  • cf-prometheus
    prometheus-2.11.1.linux-amd64 for Cloudfoundry
    July 22, 2019 - 9:04 am UTC
  • tomcat

    June 13, 2019 - 12:20 pm UTC
  • maven-sample
    Maven Sample repo
    June 13, 2019 - 10:01 am UTC

Recent Comments

  • Suhas on System settings not opening on Ubuntu 16.04 LTS
  • Kuldeep on How to install own git server with ssh and http access by using gitolite and gitweb in CentOS
  • DD on convert space into new line using sed command
  • Andrew on How to fix read only USB pen drive in Ubuntu
  • ari on Squid proxy server to block websites listed in file
  • Michael on Managing Jenkins plugins from command line and GUI
  • Sharad Chhetri on Secondary Logging : save all users history command output as log
  • Datta on How to fix read only USB pen drive in Ubuntu

Copyright © 2009 - 2019 · All Rights Reserved sharadchhetri.com · · Privacy Policy ·
· sitemap.xml · ·The content is copyrighted to sharadchhetri.com and may not be reproduced on other websites without our permission. ·

Copyright © 2019 · Genesis Sample on Genesis Framework · WordPress · Log in