Simply Fast WordPress [14] - Using KUSANAGI – Adding Always-On SSL and HTTP/2 (Part 2. SSL Server Certificates for Business)

Getting an SSL server certificate

The process for acquiring an SSL server certificate is as follows:

      Generate a private key on the server
      Generate a CSR (Certificate Signing Request) on the server
      Submit your CSR to the certificate authority (buy an SSL certificate)

Let's follow these steps with KUSANAGI. This time we will explain how to build a new WordPress site with Always-On SSL and get it running.

1.Generate a private key on the server

Log in as an admin user through the shell, then execute the following command to create a server.key private key.

openssl genrsa -out server.key 2048

The command to generate a private key.

-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAwhD2vaIo0izif1zWuGdcWF7PqoCzGOAT/Ot7nNBf5QNbIcfI
(Abbreviated)
+EsHuvmL6q968wuQ1JsgepBA6k2/rfLT7ZRT0omcVPrEcJ8Mxplm
-----END RSA PRIVATE KEY-----

2.Generate a CSR on the server

Select the server.key that you generated and create a server.csr. Input your location and company information.

The command to generate the CSR and example input.

openssl req -new -key server.key -out server.csr

Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:New York
Locality Name (eg, city) [Default City]:New York
Organization Name (eg, company) [Default Company Ltd]:Prime Strategy Co.,Ltd.
Organizational Unit Name (eg, section) []:Develop division
Common Name (eg, your name or your server's hostname) []:kusanagi.tokyo
Email Address []:admin@kusanagi.tokyo
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

The server.csr will be generated after inputting the necessary information

-----BEGIN CERTIFICATE REQUEST-----
MIIC8DCCAdgCAQAwgaoxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEQMA4G
(Abbreviated)
OgTZeHzMrP5MN+j/k9sd+GhEtTdmxvkKJ0N2Nt6nWnYnzOE2
-----END CERTIFICATE REQUEST-----

3.Submit the CSR to the certificate authority for validation (purchase an SSL certificate)

You can get validation by submitting the CSR that you generated to a Certificate Authority. A simple search for "SSL server certificates" will produce results like: Digicert, Globalsign, Network Solutions, and Symantec. Choose the appropriate Certificate Authority, level of validation, and price for your system or business and apply for a certificate.

After applying, the Certificate Authority will request that you submit your CSR. There will also be instructions for the validation procedure that need to be followed.

You will get your SSL server certificate after validation is complete. Some Certificate Authorities will issue a temporary certificate. In this article, we will name the SSL certificate that you get "server.crt" and the temporary certificate "intermediate.crt". You can skip the parts of this article pertaining to temporary certificates if you did not receive one.

-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIQNP91sDHHDXnuA0Ah99PD3TANBgkqhkiG9w0BAQsFADBC
(Abbreviated)
hsFI9+pXMeJhRhiiZr4qiriPlfN1u4vJKZLDJvhSLgM2
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIETTCCAzWgAwIBAgIDAjpxMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
(Abbreviated)
Px8G8k/Ll6BKWcZ40egDuYVtLLrhX7atKz4lecWLVtXjCYDqwSfC2Q7sRwrp0Mr8
2A==
-----END CERTIFICATE-----
Pages: 1 2 3

KUSANAGI module update

KUSANAGI version upgrade details 8.0.2-2

KUSANAGI Open Source Licenses | KUSANAGI Business Edition, Advanced Edition, Premium Edition End-User License Agreement

KUSANAGI Logo and Mascots | Privacy Policy | Contact US

© 2015 - 2024 Prime Strategy Co., Ltd. All rights reserved