You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

When setting up a CostOS Server to use HTTPS, an SSL Certificate must be provided. There are many ways to acquire such a Certificate.

The certificate's name must be the FQDN that the server uses to serve its contents.

Creating a Self-Signed Certificate

You can use the Nomitech Certificate Tool to easily create a SSL Certificate

Alternatively you can use another tool, such as openssl, to create the certificate. There are many guides on the internet on how to do so.

Creating a Signed Certificate

The creation of a signed certificate has the following steps.

  1. Create a Private Key
  2. Create a Certificate Signing Request (CSR)
  3. Send the Certificate Signing Request to a Certificate Authority
  4. Get the signed Certificate from the Certificate Authority

Note: The Private Key must never be shared with anyone, not even the security authority.

To help you perform the following steps you can use Nomitech Certificate Tool.

Refer also to the documentation of your Certificate Authority.

Converting the Certificate

Whether you created a Self-Signed Certificate, or acquired a Signed Certificate, you must make sure that the certificate is stored in a keystore whose format is readable by the CostOS Server.

If you used the Nomitech Certificate Tool then that file is already on the correct format.

Otherwise, depending on the format of you certificate file, you must convert it and store it, along with the private key, on a keystore in JKS or PKCS #12 format.

Using the Nomitech Certificate Tool

TODO: CREATE A PAGE AND LINK TO IT

Applying the Certificate

Once the Certificate, along with the corresponding Private Key, are stored in a supported keystore, you can run the CostOS Server installer and configure the Server to use the new Certificate.

TODO: DETAIL INSTRUCTIONS AND SCREENSHOTS OF THE INSTALLER

  • No labels