How Do I Add an SSL Certificate to the Background of a Website Built by Baota?
Before installing a certificate, obtain the certificate file and password file. Perform the following operations based on the value selected for CSR when applying for a certificate:
- If you select System generated CSR for CSR when applying for a certificate, perform the operations according to the instructions in System generated CSR.
- If you select Upload a CSR for CSR when applying for a certificate, perform the operations according to the instructions in Upload a CSR.
System generated CSR
The Pagoda panel contains the Apache environment and Nginx environment.
- Configuring the SSL Certificate in the Nginx Environment
- Decompress the downloaded certificate file on your local PC.
The downloaded file contains the Apache, IIS, Nginx, and Tomcat folders as well as the domain.csr file. Figure 1 shows an example.
- Obtain the certificate file Certificate ID_Domain name bound to the certificate_server.crt and private key file Certificate ID_Domain name bound to the certificate_server.key from Certificate ID_Domain name bound to the certificate_Nginx.
- The Certificate ID_Domain name bound to the certificate_server.crt file contains two segments of certificate codes -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----, which are the server certificate and intermediate CA certificate respectively.
- The Certificate ID_Domain name bound to the certificate_server.key file contains a segment of private key code -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----.
- Open the SSL page of BaoTa.
- Copy the content in Certificate ID_Domain name bound to the certificate_server.key to the KEY text box.
- Copy the content in Certificate ID_Domain name bound to the certificate_server.crt to the configuration box of the certificate (in PEM format).
- Decompress the downloaded certificate file on your local PC.
- Configuring the SSL Certificate in the Apache Environment
- Decompress the downloaded certificate file on your local PC.
The downloaded file contains the Apache, IIS, Nginx, and Tomcat folders as well as the domain.csr file. Figure 2 shows an example.
- Obtain the certificate files Certificate ID_Domain name bound to the certificate_ca.crt and Certificate ID_Domain name bound to the certificate_server.crt, and private key file Certificate ID_Domain name bound to the certificate_server.key from Certificate ID_Domain name bound to the certificate_Apache.
- The Certificate ID_Domain name bound to the certificate_ca.crt file contains a segment of intermediate CA certificate code -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.
- The Certificate ID_Domain name bound to the certificate_server.crt file contains a segment of server certificate code -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.
- The Certificate ID_Domain name bound to the certificate_server.key file contains a segment of private key code -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----.
- Open the SSL page of BaoTa.
- Copy the content in Certificate ID_Domain name bound to the certificate_server.key to the KEY text box.
- Combine Certificate ID_Domain name bound to the certificate_server.crt and Certificate ID_Domain name bound to the certificate_ca.crt and enter the combined content in the configuration box of the certificate (in PEM format).
- When the server.crt and ca.crt files are combined, the content of the server.crt file must be placed before that of the ca.crt file. If the sequence is incorrect, the Apache cannot be started properly.
- If your certificate is not purchased on SCM, the names of the downloaded .crt files are _public.crt and _chain.crt. The mappings with the certificate files issued by SCM are as follows:
- The _public.crt file maps to the server.crt file.
- The _chain.crt file maps to the ca.crt file.
During the combination, the content of the _public.crt file is placed before that of the _chain.crt file.
- Decompress the downloaded certificate file on your local PC.
Upload a CSR
In this case, perform the following steps in both the Apache and Nginx environments.
- Decompress the downloaded certificate package to obtain the Certificate ID_Domain name bound to the certificate_server.pem file.
The Certificate ID_Domain name bound to the certificate_server.pem file contains two segments of certificate codes -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----, which are the server certificate and intermediate CA certificate respectively.
- Open the SSL page of the Pagoda website.
- Copy the content of the private key server.key generated during CSR generation to the KEY text box.
- Copy the content in Certificate ID_Domain name bound to the certificate_server.pem to the configuration box of the certificate (in PEM format).
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot