posted on: July 24, 2009, 1:02 a.m.
so i just converted my site to a pure ssl thang (update: not true. i still use http), and wanted to document the magic sauce:
from the ubuntu server guide:
- openssl genrsa -des3 -out server.key.secure 1024
- openssl rsa -in server.key.secure -out server.key
- openssl req -new -key server.key -out server.csr
and from the startssl management page:
- had startssl compute a server.crt for me
- followed instructions here, making sure to grab the ca.pem and the sub.class1.server.ca.pem
this one i kind of made up based on instructions found on digicert's site:
- cat sub.class1.server.ca.pem >> server.crt
badda bing, free certs that work on firefox and safari :)
Update:
If you use Godaddy, they'll send you a domainname.com.crt file along with gd_bundle.crt. do this:
- apache: use your server.key, gd_bundle.crt, and domainname.com.crt
- nginx: use your server.key, cat gd_bundle.crt onto dommainname.com.crt, and use that file too.