{"id":1033,"date":"2021-07-23T12:43:57","date_gmt":"2021-07-23T12:43:57","guid":{"rendered":"https:\/\/ssdsunucum.com\/blog\/generate-an-ssl-certificate-and-signing-request\/"},"modified":"2021-07-23T12:43:57","modified_gmt":"2021-07-23T12:43:57","slug":"generate-an-ssl-certificate-and-signing-request","status":"publish","type":"post","link":"https:\/\/ssdsunucum.com\/blog\/generate-an-ssl-certificate-and-signing-request\/","title":{"rendered":"Generate an SSL Certificate and Signing Request"},"content":{"rendered":"<\/p>\n<div class=\"col-md-9\">\n<div class=\"flex-column flex-md-row article-header\">\n<div id=\"versioned-article-header\">\n<p class=\"valid-version-info\"><em>Valid for versions 92 through the latest version<\/em><\/p>\n<\/div>\n<div id=\"version-select-group\" aria-label=\"select versions\">\n<h4>Version:<\/h4>\n<h4>82<\/h4>\n<h4>92<\/h4>\n<\/div><\/div>\n<hr>\n<h2 id=\"overview\">Overview<\/h2>\n<p>This feature allows you to simultaneously generate both a self-signed SSL certificate and a certificate signing request (CSR) for a domain. You can also use this interface to generate private keys, which are essential for self-signed certificates and purchased certificates. To purchase a certificate, submit the CSR to your chosen certificate authority (CA). They will provide you with a certificate, typically in a <code>.zip<\/code> file via email.<\/p>\n<p>For more information, read our Purchase and Install an SSL Certificate documentation.<\/p>\n<h2 id=\"contact-information\">Contact Information<\/h2>\n<p>To receive the SSL certificate, private key, and CSR in an email, enter an email address in the <em>Email Address<\/em> text box.<\/p>\n<p>Select the <em>When complete, email me the certificate, key, and CSR.<\/em> checkbox to receive a copy of the request that this interface generates.<\/p>\n<div class=\"callout callout-warning\">\n<div class=\"callout-heading\">Important:<\/div>\n<div class=\"callout-content\">\n        Do <strong>not<\/strong> select this checkbox if your email service provider does not support secure mail via SSL\/TLS.\n    <\/div>\n<\/div>\n<h2 id=\"private-key-options\">Private Key Options<\/h2>\n<p>Select the desired key from the <em>Key Type<\/em> menu. You can select from the following keys:<\/p>\n<ul>\n<li>\n<p><em>RSA, 2,048-bit &#8211; (default)<\/em><\/p>\n<\/li>\n<li>\n<p><em>ECDSA, P-384 (secp384r1)<\/em><\/p>\n<\/li>\n<li>\n<p><em>ECDSA, P-256 (prime256v1)<\/em><\/p>\n<\/li>\n<li>\n<p><em>RSA, 4,096-Deliverability<\/em><\/p>\n<\/li>\n<\/ul>\n<p>For information about each of these keys, read our SSL\/TLS Key Types documentation.<\/p>\n<h2 id=\"certificate-information\">Certificate information<\/h2>\n<p>To generate an SSL certificate and CSR, perform the following steps:<\/p>\n<ol>\n<li>In the <em>Domains<\/em> text box, enter the domain name of the website that the certificate will secure.\n<ul>\n<li>You can enter a wildcard-formatted domain name to install the same certificate on any number of subdomains if they share an IP address. For example, you can use a wildcard certificate for <code>*.example.com<\/code> to securely connect to the <code>mail.example.com<\/code> and <code>www.example.com<\/code> domains.<\/li>\n<li>You can also enter multiple domains, with one domain per line.<\/li>\n<li>For more information about how to share SSL certificates, read our Manage SSL Hosts documentation.<\/li>\n<\/ul>\n<\/li>\n<li>In the <em>City<\/em> text box, enter the complete name of the city in which your servers are located.<\/li>\n<li>In the <em>State<\/em> text box, enter the complete name of the state in which your servers are located.<\/li>\n<li>In the <em>Country<\/em> text box, select the country of origin for the certificate.<\/li>\n<li>In the <em>Company Name<\/em> text box, enter your business\u2019s complete name.\n<div class=\"callout callout-info\">\n<div class=\"callout-heading\">Note:<\/div>\n<div class=\"callout-content\">\n        Some certificate authorities may not accept special characters in the <em>Company Name and Company Division<\/em> text boxes. If your company name includes symbols other than a period or a comma, ask your CA to confirm whether you can use these characters.\n    <\/div>\n<\/div>\n<\/li>\n<li>In the <em>Company Division<\/em> section, enter the name of the department or group within the company. This information is optional.<\/li>\n<li>In the <em>Email<\/em> text box, enter a secure contact email address that your CA can use to verify domain ownership.<\/li>\n<\/ol>\n<h2 id=\"shared-secrets\">Shared Secrets<\/h2>\n<p>Enter a passphrase in the <em>Passphrase<\/em> text box if your certificate authority requires one for verification purposes.<\/p>\n<h2 id=\"create\">Create<\/h2>\n<p>After you enter the correct information, click <em>Create<\/em>. WHM will display the CSR with its SSL certificate and private key.<\/p>\n<ul>\n<li>Copy and paste these items into the correct directories.<\/li>\n<li>If you provided an email address, the system also sends the information to that email address.<\/li>\n<li>You can view the keys, certificates, and CSRs that you create in WHM\u2019s <em>SSL Storage Manager<\/em> interface (<em>WHM<\/em> &gt;&gt; <em>Home<\/em> &gt;&gt; <em>SSL\/TLS<\/em> &gt;&gt; <em>SSL Storage Manager<\/em>).<\/li>\n<\/ul>\n<div class=\"callout callout-info\">\n<div class=\"callout-heading\">Note:<\/div>\n<div class=\"callout-content\">\n<p>The system saves this information in the following directories on your servers:<\/p>\n<ul>\n<li>CSR \u2014 <code>\/var\/cpanel\/ssl\/system\/csrs<\/code><\/li>\n<li>SSL certificates \u2014 <code>\/var\/cpanel\/ssl\/system\/certs<\/code><\/li>\n<li>Private keys \u2014 <code>\/var\/cpanel\/ssl\/system\/keys<\/code><\/li>\n<\/ul><\/div>\n<\/div>\n<p>If you purchased an SSL certificate, provide the CSR to the company from which you purchased the SSL certificate.<\/p>\n<p>If you used a self-signed certificate, navigate to WHM\u2019s <em>Install an SSL Certificate on a Domain<\/em> interface (<em>WHM<\/em> &gt;&gt; <em>Home<\/em> &gt;&gt; <em>SSL\/TLS<\/em> &gt;&gt; <em>Install an SSL Certificate on a Domain<\/em>) to install the certificate.<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Valid for versions 92 through the latest version Version: 82 92 Overview This feature allows you to simultaneously generate both a self-signed SSL certificate and a certificate signing request (CSR) for a domain. You can also use this interface to generate private keys, which are essential for self-signed certificates and purchased certificates. To purchase a &hellip;<\/p>\n","protected":false},"author":1,"featured_media":1034,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/1033"}],"collection":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/comments?post=1033"}],"version-history":[{"count":0,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/posts\/1033\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media\/1034"}],"wp:attachment":[{"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/media?parent=1033"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/categories?post=1033"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ssdsunucum.com\/blog\/wp-json\/wp\/v2\/tags?post=1033"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}