How do I add a free self-signed SSL certificate? - Gregg Hosting

The affects of Web Hosts on Your Business Website

Here're ways your choice of web hosting service provider impacts the performance of your business:


check

Website loading speed

check

Uptime and availability

check

Customer support

check

Security

check

Server location

How do I add a free self-signed SSL certificate?

How do I add a free self-signed SSL certificate?

Overview

An SSL certificate that has not been authenticated by a Certificate Authority is known as a self-signed certificate (CA). That’s what it means when it says it’s signed by the author.

The level of encryption can be the same as any other certificate, but the browser will display a warning when visiting the site because it hasn’t been validated by a CA.

As a result, these certificates should only be used internally on your website, where no visitors will ever see or interact with them.

Browser warnings for self-signed certificates

Browsers cannot trust it because it was not signed by a trustworthy authority. It will continue to work properly, but visitors to your site will see a notice. In Firefox and Chrome, below are some instances of what a visitor might see.

DO NOT USE A SELF-SIGNALED CERTIFICATE IF YOU WANT TO ATTRACT VISITORS TO YOUR WEBSITE.

Firefox

 

Chrome

 

Creating a self-signed certificate

A self-signed certificate cannot be added to the GreggHost panel. To make this type of certificate, you have two possibilities.

Creating a self-signed certificate via SSH

3rd party website
Using SSH to create a self-signed certificate
These commands can be run on a Linux or Mac computer, but these instructions will show you how to get into your GreggHost web server to do so.

Using SSH, connect to your GreggHost web server.
Use SSH to connect to your domain. Instructions can be found in the SSH article.
Make sure you’re in your user’s home directory once you’ve logged into your server through SSH:
[server]
$ cd cd cd cd cd cd
Create your private key using openssl and use it to generate the CSR. To open the OpenSSL command line tool, type the following.
[server]
openssl $
Your command prompt now reads OpenSSL>, indicating that you’re ready to run the tasks below.
Enter the following command without a password to generate a new RSA private key:
genrsa -out OpenSSL> 2048 Private.key
Making an RSA private key using a 2048-bit modulus
65537 is the number e. (0x10001)
Create the certificate with this new private key.
req -new -x509 -key OpenSSL> -out Private.key 365-days-certificate.crt
You’re about to be asked to fill out some information that will be used in your certificate request.
What you’re about to type is a Distinguished Name, or DN for short.
There are many fields to fill out, however some can be left blank.
There will be a default value for some fields; if you type ‘.’, the field will be left blank.
——-
Name of the country (2 letter code) [AU]: Name of the State or Province (full name) Locality Name: [Some-State] (eg, city) []: Name of Organization (eg, company) [Internet Widgits Pty Ltd] is a company based in Australia. : Name of the Organizational Unit (eg, section) []: Popular Name (e.g. server FQDN or YOUR name) Email Address: [] []:
To generate a CSR, you must first provide information about your site in the step above. Because your browser will display a warning for the Self-Signed certificate by default, you can just click through these options without typing anything.
OpenSSL should be closed.
OpenSSL> quit
Verify that your private key and certificate have both been generated.
[server]
$ ls -1 Private.key Certificate.crt
After you’ve created the private key and certificate, you may use the following article to install them in your panel:

What is the procedure for installing a third-party SSL certificate?
You may inspect the contents of the files via SSH by running cat:

cat Certificate.crt [server]$
[server]
private.key $ cat
Using an online website to create a self-signed certificate
Several websites, such as the ones listed below, allow you to create a self-signed certificate:

https://getacert.com/index.html

Forcing your site to load HTTPS be default

Visitors will not be able to utilize your SSL certificate until they manually type https before your domain name, even after you have added it to your site. Because the certificate is supposed to safeguard all of your website traffic, this defeats the point of adding it in the first place.

There are various options for resolving this issue. Instructions on how to construct a configuration file to redirect all visitor traffic to the secure version of your URL may be found in the following article (https).

How to force a redirect to https on your website (SSL)