When setting up a CostOS Server to use HTTPS, an SSL Certificate must be provided. There are many ways to acquire such a Certificate.
The certificate's name must be the FQDN that the server uses to serve its contents.
Creating a Self-Signed Certificate
You can use the Nomitech Certificate Tool to easily create a SSL Certificate
Alternatively you can use another tool, such as openssl, to create the certificate. There are many guides on the internet on how to do so.
Creating a Signed Certificate
The creation of a signed certificate has the following steps.
- Create a Private Key
- Create a Certificate Signing Request (CSR)
- Send the Certificate Signing Request to a Certificate Authority
- Get the signed Certificate from the Certificate Authority
Note: The Private Key must never be shared with anyone, not even the security authority.
To help you perform the following steps you can use Nomitech Certificate Tool.
Refer also to the documentation of your Certificate Authority.
Converting the Certificate
Whether you created a Self-Signed Certificate, or acquired a Signed Certificate, you must make sure that the certificate is stored in a keystore whose format is readable by the CostOS Server.
If you used the Nomitech Certificate Tool then that file is already on the correct format.
Otherwise, depending on the format of you certificate file, you must convert it and store it, along with the private key, on a keystore in JKS or PKCS #12 format.
Using the Nomitech Certificate Tool
Find out how to use the tool on this page
Applying the Certificate
Once the Certificate, along with the corresponding Private Key, are stored in a supported keystore, you can run the CostOS Server installer and configure the Server to use the new Certificate.
TODO: DETAIL INSTRUCTIONS AND SCREENSHOTS OF THE INSTALLER