Requesting and Installing a signed SSL certificate

Foldr v4 provides FREE signed SSL certificates via Let’s Encrypt that can be installed quickly and easily.  Follow this link to find out more.   However, there are some requirements for a Let’s Encrypt certificate installation, such as opening HTTP inbound to the server and ensuring no HTTPS inspection is running on the customer firewall/filter between Foldr at the Internet. If rather than using Let’s Encrypt, you can purchase a signed certificate from a traditional Certificate Authority (such as Godaddy, Digicert or Verisign etc).  A standard domain-validated SSL certificate is typically all that is required, however SAN/UCC or wildcard certificates may also be used.

The steps required

1) Generate your Certificate Signing Request (CSR) and Private Key pair.

This can be done several ways but a quick/easy route is to use the Easy CSR tool on the Digicert website which will produce a single command to run which will use a locally installed version of OpenSSL to generate your CSR and private key.

Digicert Easy CSR – click here

2) Complete the required fields and click Generate.

NOTE – The Common Name is the URL of the site that you are intending to protect with the certificate.

3) This will output the required OpenSSL command to generate a CSR and Private Key pair. Copy the command to the clipboard.

4) OpenSSL is available by default on macOS and most Linux installations. If using a Windows workstation, OpenSSL must be installed separately and can be obtained here – the smaller ‘Light’ version is fine for this purpose, selecting Win32 or Win64 as appropriate.

Run the OpenSSL command in Linux/macOS Terminal as given. For Windows systems, open an elevated command prompt (run as Administrator) and cd to \bin inside the OpenSSL directory (C:\OpenSSL-Win64\bin for x64)

The CSR and Private Key will be created in the working directory.

5) Save both the entire private key and CSR as separate text files to your computer. You will need to send the CSR to your chosen certificate provider as part of the process of requesting your certificate.

6) You will be required to confirm your ownership of the domain, usually by way of an email to the registered contact of the domain held by the registrar.

Once you have validated your certificate request & domain ownership, you will receive a second email to tell you that the signed certificate is ready for download. There can be a slight delay between confirming your domain ownership and your signed certificate being created by your provider.

7) When ready and downloaded, open the signed certificate and Private Key into a text editor and paste into the relevant boxes on the Foldr Settings > Certificates screen.

You should also obtain your Certificate Provider’s Root and Intermediate Chain certificates from their support portal and paste these in at the same time.   Some certificate authorities issue a bundle certificate (which is the CA Root and Intermediate Chain combined into a single file) you need to install this into the Certificate chain box and leave the CA Root box blank.

8) Click SAVE and your certificate will be installed after a few seconds.

Your SSL certificate installation should now be complete and you will no longer receive warnings in the browser or apps when accessing Foldr through the URL (Common Name) protected in the certificate.

The SSL installation can be verified by using an online validation tool such as https://www.sslshopper.com/ssl-checker.html

 

Need more help?

Get in touch and we'll be happy to assist you, [email protected]

© Minnow IT. Registered in England and Wales with company number 07970411.

Made with in Bristol, UK

<