Jump to content

SSL Certificates: Difference between revisions

From KeenWiki
Newer edit →
Created page with "## Step-by-Step Guide to Using SSL Certificates on Linux and Windows ### **Linux** #### 1. Creating a Self-Signed SSL Certificate - Open your VPS console and log in using SSH. - Generate a private key: ```bash openssl genrsa -des3 -out self-ssl.key 2048 ``` - Create a Certificate Signing Request (CSR): ```bash openssl req -new -key self-ssl.key -out self-ssl.csr ``` - Generate the SSL certificate: ```bash openssl x509..."
 
No edit summary
Line 1: Line 1:
## Step-by-Step Guide to Using SSL Certificates on Linux and Windows
The easiest way to connect to a cloud VPS Linux from Windows using an SSL certificate is through SSH (Secure Shell) with key-based authentication. Here's a step-by-step guide:


### **Linux**
1. Generate an SSH key pair on your Windows machine:
 
   - Open PowerShell
#### 1. Creating a Self-Signed SSL Certificate
   - Run the following command:
   - Open your VPS console and log in using SSH.
   - Generate a private key:
    ```bash
    openssl genrsa -des3 -out self-ssl.key 2048
     ```
     ```
  - Create a Certificate Signing Request (CSR):
     ssh-keygen -t rsa -b 4096
    ```bash
     openssl req -new -key self-ssl.key -out self-ssl.csr
     ```
     ```
   - Generate the SSL certificate:
   - Press Enter to save the key in the default location
    ```bash
 
    openssl x509 -req -days 365 -in self-ssl.csr -signkey self-ssl.key -out self-ssl.crt
2. Copy the public key to your Linux VPS:
    ```
  - Use the `ssh-copy-id` command if available, or
  This creates a self-signed SSL certificate[1].
  - Manually append the content of your public key file (usually `id_rsa.pub`) to the `~/.ssh/authorized_keys` file on your VPS


#### 2. Installing an SSL Certificate
3. Configure your SSH client (e.g., PuTTY or Windows 10's built-in SSH client):
  - Upload the certificate and key files to the server using SFTP.
   - Specify your VPS's IP address or hostname
  - Log in via SSH as the root user.
   - Set the username for your Linux VPS
   - Move the certificate file to `/etc/httpd/conf/ssl.crt` and the key file to `/etc/httpd/conf/ssl.key`.
   - Point to your private key file (usually `id_rsa`)
   - Restrict permissions for security:
    ```bash
    chmod 0400 /etc/httpd/conf/ssl.key
    ```
   - Edit the Virtual Host configuration in `/etc/httpd/conf.d/ssl.conf`, specifying paths for the certificate and key files.
  - Restart Apache:
    ```bash
    systemctl restart httpd
    ```
  This installs the SSL certificate on Linux servers without Plesk[2][5].


#### 3. Using Command Line
4. Connect to your VPS:
   - Place the certificate and CA bundle in appropriate files:
   - Using Windows 10's built-in SSH client, open PowerShell and run:
    ```bash
    touch domain.com.crt domain.com.cabundle
     ```
     ```
  - Symlink files:
     ssh username@your_vps_ip_or_hostname
     ```bash
    ln -s domain.com.crt domain.com.crt.2025
    ln -s domain.com.key domain.com.key.2025
     ```
     ```
   - Restart Apache to load the new certificate[6].
   - If using PuTTY, load your saved session and click "Open"
 
---
 
### **Windows**
 
#### 1. Creating a CSR
  - Open *Internet Information Services (IIS) Manager*.
  - In the left pane, select your server name, then double-click *Server Certificates*.
  - Click *Create Certificate Request* in the right pane.
  - Fill out required information (e.g., domain name, organization).
  - Save the CSR file to a location you can access later[3].


#### 2. Installing an SSL Certificate
This method provides a secure, passwordless connection to your Linux VPS from Windows using SSH key authentication, which is more secure than password-based authentication[1][3].
  - Obtain your SSL certificate from a Certificate Authority.
  - Save the `.cer` file to your server.
  - Open IIS Manager, select your server name, and double-click *Server Certificates*.
  - Click *Complete Certificate Request* and browse for your `.cer` file.
  - Bind the certificate to your site:
    1. Go to *Sites*, select your site, then click *Edit Bindings*.
    2. Add an HTTPS binding, select your new certificate, and set port 443[3][7].


#### 3. Manually Installing Certificates
For enhanced security:
  For manual installation:
- Disable password authentication on your VPS
  - Open Microsoft Management Console (`mmc`) via Start > Run > `mmc`.
- Use a non-standard SSH port
  - Add *Certificates* snap-in for "Computer account".
- Implement fail2ban to prevent brute-force attacks
  - Right-click *Trusted Root Certification Authorities*, select *All Tasks > Import*, and follow prompts to import your `.cer` file[4].


This guide covers creating, installing, and configuring SSL certificates on both Linux and Windows systems effectively.
Remember to keep your private key secure and never share it with others.


Citations:
Citations:
[1] https://www.crazydomains.co.nz/help/article/creating-a-self-signed-ssl-certificate-in-linux
[1] https://stackoverflow.com/questions/22951920/how-to-transfer-ssl-from-windows-to-linux-server-in-shared-hosting
[2] https://www.linuxfoundation.org/blog/blog/classic-sysadmin-how-to-install-an-ssl-certificate-on-linux-server
[2] https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-secure-web-server
[3] https://www.digicert.com/kb/csr-creation-ssl-installation-iis-10.htm
[3] https://www.oxtrys.com/how-to-configure-an-ssl-certificate-on-the-linux-vps
[4] https://support.securly.com/hc/en-us/articles/360026808753-How-do-I-manually-install-the-Securly-SSL-certificate-on-Windows
[4] https://serverfault.com/questions/1047871/i-need-to-use-an-ssl-certificate-for-linux-and-windows-will-my-linux-certificat
[5] https://host4geeks.com/blog/how-to-install-an-ssl-certificate-on-linux/
[5] https://hostadvice.com/how-to/web-hosting/vps/how-to-connect-to-your-vps/
[6] https://www.liquidweb.com/help-docs/installing-an-ssl-certificate-in-linux-command-line/
[6] https://community.cloudflare.com/t/installing-ssl-certificate-to-vps/736669
[7] https://comodosslstore.com/resources/install-a-windows-ssl-certificate-on-windows-iis-server/
[7] https://help.ovhcloud.com/csm/en-vps-install-ssl-certificate?id=kb_article_view&sysparm_article=KB0066249
[8] https://support.dnsimple.com/articles/ssl-certificate-with-windows/
[8] https://www.crazydomains.co.nz/help/article/how-to-setup-an-ssl-certificate-on-my-windows-server
[9] https://learn.microsoft.com/en-us/troubleshoot/windows-server/certificates-and-public-key-infrastructure-pki/install-imported-certificates
[10] https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/
[11] https://www.entrust.com/knowledgebase/ssl/ssltls-certificate-installation-instructions-apache-linux
[12] https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs
[13] https://www.keyfactor.com/education-center/how-to-check-ssl-certificate/
[14] https://support.n4l.co.nz/s/article/Installing-an-SSL-Certificate-on-a-Windows-Device-Manually
[15] https://discourse.metabase.com/t/how-to-enable-ssl-in-windows-server/26481
[16] https://learn.microsoft.com/en-us/answers/questions/1664138/how-to-set-ssl-need-basic-idea-and-step-by-step-im
[17] https://support.n4l.co.nz/s/article/Deploying-an-SSL-Certificate-to-Multiple-Windows-Devices
[18] https://docs.posit.co/how-to-guides/guides/install-ssl-certificates.html
[19] https://serverfault.com/questions/62496/ssl-certificate-location-on-unix-linux
[20] https://www.ssldragon.com/how-to/install-ssl-certificate/linux/


---
---
Answer from Perplexity: pplx.ai/share
Answer from Perplexity: pplx.ai/share

Revision as of 04:25, 14 March 2025

The easiest way to connect to a cloud VPS Linux from Windows using an SSL certificate is through SSH (Secure Shell) with key-based authentication. Here's a step-by-step guide:

1. Generate an SSH key pair on your Windows machine: 

  - Open PowerShell
  - Run the following command:
    ```
    ssh-keygen -t rsa -b 4096
    ```
  - Press Enter to save the key in the default location

2. Copy the public key to your Linux VPS: 

  - Use the `ssh-copy-id` command if available, or
  - Manually append the content of your public key file (usually `id_rsa.pub`) to the `~/.ssh/authorized_keys` file on your VPS

3. Configure your SSH client (e.g., PuTTY or Windows 10's built-in SSH client): 

  - Specify your VPS's IP address or hostname
  - Set the username for your Linux VPS
  - Point to your private key file (usually `id_rsa`)

4. Connect to your VPS: 

  - Using Windows 10's built-in SSH client, open PowerShell and run:
    ```
    ssh username@your_vps_ip_or_hostname
    ```
  - If using PuTTY, load your saved session and click "Open"

This method provides a secure, passwordless connection to your Linux VPS from Windows using SSH key authentication, which is more secure than password-based authentication[1][3].

For enhanced security: - Disable password authentication on your VPS - Use a non-standard SSH port - Implement fail2ban to prevent brute-force attacks

Remember to keep your private key secure and never share it with others.

Citations: [1] https://stackoverflow.com/questions/22951920/how-to-transfer-ssl-from-windows-to-linux-server-in-shared-hosting [2] https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-secure-web-server [3] https://www.oxtrys.com/how-to-configure-an-ssl-certificate-on-the-linux-vps [4] https://serverfault.com/questions/1047871/i-need-to-use-an-ssl-certificate-for-linux-and-windows-will-my-linux-certificat [5] https://hostadvice.com/how-to/web-hosting/vps/how-to-connect-to-your-vps/ [6] https://community.cloudflare.com/t/installing-ssl-certificate-to-vps/736669 [7] https://help.ovhcloud.com/csm/en-vps-install-ssl-certificate?id=kb_article_view&sysparm_article=KB0066249 [8] https://www.crazydomains.co.nz/help/article/how-to-setup-an-ssl-certificate-on-my-windows-server

--- Answer from Perplexity: pplx.ai/share

Retrieved from "https://keenwiki.tech/index.php?title=SSL_Certificates&oldid=10"