Getting started with Cloud Sites: Configuring SSL on your websites
Note: This article is written for our Cloud Sites Control Panel. You can get to it from the Cloud Control Panel by clicking the Rackspace Cloud menu at the top of the screen adn selecting Cloud Sites.
Secure Sockets Layer (SSL) is an encryption technology that protects your visitors' private information while it's in transit via the Internet.
When you ask your site's visitors to divulge personal and business information, they need to trust you. They have to know that their data is secure from eavesdropping, tampering, and even phishing attacks. And the more they trust you, the more likely they are to complete forms, purchase items, and share valuable information online. SSL certificates let them know that they can confidently share their data with you.
Some applications that are configured to run SSL are web browsers like Internet Explorer and FireFox; email programs like Outlook, Mozilla Thunderbird, and Apple Mail.app; and SFTP (secure file transfer protocol) programs. These programs are automatically able to receive SSL connections.
Adding SSL to a website on Cloud Sites is a straightforward process.This article provides the following information:
- Supported types of SSL certificates
- Generate a CSR for your site
- Purchase a SSL certificate
- Install the certificate
- SSL tips
Supported types of SSL Certificates
The primary certificates supported on Cloud Sites are as follows:
- Root Level certificates
- Apache + OpenSSL
Cloud Sites allows installation of most chained certificates, including Extended Validation (EV), multi-domain, and wild card certificates. These will require installation to a primary Common Name domain to work properly.
Note: Cloud Sites no longer supports any self-signed certificates.
Complete the following steps to generate a certificate signing request (CSR), which you will need to have when you purchase an SSL certificate.
- Log in to the Cloud Site Control Panel.
- Click Hosting > Cloud Sites.
- Click the domain you want to add SSL to, and then click the Security tab.
In the Permissions for Viewing Your Website section, click Install SSL Certificate.
Review the order summary and payment details, select the Terms Agreement check box, and teh click Finish. If you have questions about the charges, contact Support.
On the Install SSL Certificate page, click the Start New Certificate button.
Complete the form and click the Next Step button when finished.
Your CSR is generated. With the CSR ready for use, you can proceed to purchasing a certificate.
Purchase a certificate
Follow the vendor's SSL certificate request process. In particular, the vendor might require the following details:
- Server type: Apache
- SSL type: OpenSSL or modSSL
- CSR: You generated this in the preceding section
After you have completed your certificate purchase, you're ready to install the certificate.
Install the certificate
- Log in to the Cloud Sites Control Panel.
- Click Hosting > Cloud Sites.
- Click the domain for which you generated the CSR for, and then click the Security tab.
- In the Permissions for Viewing Your Website section, click Enter Certificate File.
- Enter the certificate information in the Certificate field.
Note: Some vendors provide certificates in text format in an email or on their website, which makes copy and pasting the certificate easy. Other vendors may provide certificates as a .crt file. You can open this file in a plain text editor and retrieve the text for the certificate there.
- If you have any SSL intermediate certificates, copy and paste them into the Intermediate Certificate field.
- Click Next Step.
- Confirm that the certificate details are correct and then click Finish.
Note: If you have any problems during the installation, contact Support for assistance.
If Rackspace is managing your DNS, DNS for your site will be automatically updated. It can take up to two hours for the new IP addresses for your site to complete propagation. If you are managing your own DNS, click the Domain tab to get your new IP addresses.
What to watch for
Currently the Rackspace Cloud does not support wildcard certificates--such as *.domain.com or *.example.com. These certificates might or might not function as necessary. This feature is currently under consideration.
Removing an SSL certificate from a site will change the site's IP address in the same way that adding a new certificate changes the IP address. DNS must be updated in that case as well.
Carry on the conversation in the Rackspace Community.
© 2015 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License
See license specifics and DISCLAIMER