If you already have a private key, Certificate Signing Request (CSR), intermediate certificate, and signed SSL certificate (in PEM format), you can install them yourself after setting up Secure Hosting for the domain.
If you already have a signed SSL certificate but do NOT have the corresponding private key, you won't be able install it on DreamHost's servers. Also, do NOT create a private key that is password protected, as the DreamHost panel does not accept these.
1. Review the Adding Secure Hosting (self-signed certificate) to add Secure Hosting and a self-signed certificate to your domain.
● Certificate Signing Request
● Certificate
● Private Key
● Intermediate Certificate
● Be sure to include everything, including the "-----BEGIN CERTIFICATE-----" & "-----END CERTIFICATE-----" lines.
● Use the vertical scroll bars to view the entire contents of the Certificate box after pasting.
● Make sure that you have only one certificate installed; if not, re-paste the proper certificate and verify again.
● Be sure to include everything, including the "-----BEGIN RSA PRIVATE KEY-----" & "-----END RSA PRIVATE KEY-----" lines.
● Use the vertical scroll bars to view the entire contents of the Certificate box after pasting.
● Be sure to include everything, including the "-----BEGIN CERTIFICATE-----" & "-----END CERTIFICATE-----" lines as there may be several of them for this intermediate certificate.
● Make sure to copy them all.
If you already have a signed SSL certificate but do NOT have the corresponding private key, you won't be able install it on DreamHost's servers. Also, do NOT create a private key that is password protected, as the DreamHost panel does not accept these.
1. Review the Adding Secure Hosting (self-signed certificate) to add Secure Hosting and a self-signed certificate to your domain.
2. Open the 'Secure Hosting' page, and then click the 'Change' link to the right of your domain/subdomain.
Four boxes appear on the 'Certificate Settings' page:
● Certificate
● Private Key
● Intermediate Certificate
3. Using your 3rd party certificate information, overwrite the existing certificate text in each of the boxes. For example, in the 'Certificate' box:
● Use the vertical scroll bars to view the entire contents of the Certificate box after pasting.
● Make sure that you have only one certificate installed; if not, re-paste the proper certificate and verify again.
4. In the 'Private Key' box, paste the certificate's private key. You must obtain this from the company you purchased the SSL certificate from.
● Use the vertical scroll bars to view the entire contents of the Certificate box after pasting.
5. If you have an intermediate certificate (or bundle file), then install it yourself by pasting it into the "Intermediate Certificate" box (at the bottom of the page).
● Make sure to copy them all.
6. Click the Save changes now! button.
If there aren't any errors, the new certificate is pushed out to the live servers within 15 minutes.
7. Load your site in a browser using https.
● You can see the padlock icon at the beginning of the URL; if you click on the icon, you’ll see that the cert is verified and active.
If you see the error message "key does not match cert", that means that the SSL certificate you're trying to install does not match the private key that is currently installed. This typically means that the Certificate Signing Request that was used to purchase the SSL certificate was not generated with the private key that is in the panel.
0 comments:
Post a Comment