REASON AND SOLUTION: If you want the SSL Padlock on your website to look fully green and perfect, then you will have to follow the security standards given by the browsers your customers mostly visit using. As it happens, Internet Explorer, Chrome, Firefox are the most commonly used browsers by the world. These browsers show the padlock of an website in their own unique way and also the warning messages associated with them. # CHROME says, "_Your connection to example.com is encrypted with ob...
PREREQUISITES: Concatenate the CAbundle and the certificate file which we sent you using the following command. _> CAT DOMAIN_COM.CRT DOMAIN_COM.CA-BUNDLE > SSL-BUNDLE.CRT_ If you are Using GUI Text Editor (Ex: Notepad): (i) To concatenate the certificate files into single bundle file, first open DOMAINNAME.CRT and DOMAINNAME.CA-BUNDLE files using any text editor. (ii) Now copy all the content of DOMAINNAME.CRT and paste it on the top of DOMAINNAME.CA-BUNDLE file. (iii) Now save the ...
Use these instructions to create your CSR (certificate signing request) and then, to install your SSL and intermediate certificates. * To create your CSR, see Mac OS X Yosemite: Create Your CSR. * To install your SSL Certificate, see Mac OS X Yosemite: Install Your SSL Certificate. For El Capitan Server (10.11), please see Mac OS X El Capitan: Create CSR & Install SSL Certificate [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1108/38/os-x-el-capitan-server-c...
Use these instructions to create your CSR (certificate signing request) and then, to install your intermediate and server (SSL) certificates. * To create your CSR, see Mac OS X El Capitan: Create Your CSR. * To install your SSL Certificate, see Mac OS X El Capitan: Install Your SSL Certificate. For Yosemite Server (10.10), please see Mac OS X Yosemite: Create CSR & Install SSL Certificate [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1107/38/os-x-yosemit...
GENERATING A CERTIFICATE SIGNING REQUEST (CSR) USING OPENSSL (APACHE & MOD_SSL, NGINX) A CSR is a file containing your certificate application information, including your Public Key. Generate your CSR and then copy and paste the CSR file into the web form in the enrollment process: GENERATE KEYS AND CERTIFICATE: To generate a pair of private key and public Certificate Signing Request (CSR) for a webserver, "server", use the following command : > OPENSSL REQ -NODES -NEWKEY RSA:2048 -KEYOUT ...
The total size of attachments sent to support, e.g., screenshots, must be limited to less than 5 megabytes in size. As an example, a user may submit 3 attachments of 1 megabytes each in the same email, but may not submit 3 attachments of 2 megs each in the same email. This is because the latter example totals 6 megabytes in attachments, which is over our 5 megabytes limit. Also note that some email clients may attach more information to the file(s) you are attaching. As a result, you may ...
1. DOMAIN VALIDATED CERTIFICATES (DV) * A - Email Challenge-Response DCV * B - HTTP Based DCV * C - DNS CNAME Based DCV Following completion of one of the elements above the certificate will be signed and released Additional details can be found using the following URL: Methods of Domain Control Verification [https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1367&nav=0,96,1,33] Note that ALL SSL Certificates MUST undergo the above DCV process in addition ...
First make sure that you have registered your email address on our support site. Then follow the instructions below: In order to change the email address associated with your Comodo account you will need to send a request from the email currently associated with the account to accountchanges@comodo.com. If you are unable to send from the email address which we currently have on record then the new email address for the account must be at a domain which is currently associated with the a...
SHA-2 SHA-1 (Legacy) Product Certification Path (Hierarchy) Certification Path (Hierarchy) EV [ inc. EV SGC & Multi-Domain ] * UserTrust / AddTrust External Root * COMODO RSA Certification Authority * COMODO RSA Extended Validation Secure Server CA * END-ENTITY/DOMAIN CERTIFICATE Download Files [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/977/108/extended-validation-sha-2] * UserTrust / AddTrust External Root * COMODO Certifica...
You will need to use the below command to assign/enable services to any existing certificate on the server that is correctly installed and has a matching private key. EXAMPLE COMMAND(S): Exchange 2007: ENABLE-EXCHANGECERTIFICATE -THUMBPRINT $THUMBPRINT -SERVICES "POP, IMAP, IIS, SMTP" Exchange 2010 and 2013: ENABLE-EXCHANGECERTIFICATE -THUMBPRINT $THUMBPRINT -SERVICES POP, IMAP, IIS, SMTP NOTE: The lack of quotation marks on Exchange 2010 on the -SERVICES Flag! You will need to re...
apache apache apache apache apache apache apache apache apache apache apache apache INSTALLING YOUR CERTIFICATE ON APACHE WITH MOD_SSL * Extract all of the contents of the ZIP file that was sent to you and copy/move them to your server. The extracted contents will typically be named: yourDomainName.crt and yourDomainName.ca-bundle * Move all of the certificate related files to their appropriate directories. A TYPICAL SETUP: * Move the Private Key that was generated earlier to the S...
* NOTE As an alternative to the manual instructions on this page, Comodo offers a free utility which will automatically install your certificate on your IIS website. Click here [https://www.comodo.com/ssl-certificate-auto-installer/index.html] to find out more. INSTALL TO WEB SERVER 1. Open Internet Information Services Manager (IISM) to the appropriate Server Start -> Administrative Tools -> IISM -> Server Name 2. Open the Server Certificates icon. 3. Open 'Complete Certificate Request...
Once you receive your certificate issuance ZIP file, extract the file(s) contained in the ZIP file to the server. We recommend extracting these to the Desktop or a new directory all together. OPTION 1 From the Exchange Management Shell, run the following command to install the server, root, and intermediate certificates to their respective certificate stores: Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:certificatesYOUR_CERTIFICATE.cer -Encoding byte -ReadCount 0)) ...
Instructions on installing an SSL Certificate on Google Mini: 1. Once you received your SSL certificate from COMODO, please copy and paste it into a text file and save the file with the .crt extension. (Include the tags -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----). 2. Go to the Admin Console. 3. Choose Administration > SSL Settings. 4. Scroll down to Install an SSL Certificate. 5. Under SSL certificate, enter the file name of the certificate (from step 1). 6. Convert yo...
Generating a CSR on a Google Mini Search Appliance Follow the steps below to generate a CSR and install a self-signed certificate. In the Admin Console, choose Administration > SSL Settings. On the SSL Settings page, scroll down to Create a New SSL Certificate. Under Host Name, enter the fully qualified host name of the search appliance. This is the name users see when they search on your site. Under Organizational Unit, enter the name of your department. For example, "Web Services Group...
Installing and Configuring a Certificate on Mac OS X Server 10.4 After your certificate request is approved, you can download your SSL and intermediate certificate from within the SSL application. Both of these files must be installed on your Web server. TO INSTALL INTERMEDIATE CA CERTIFICATES Before installing your certificate, you need to complete the following procedure to install the Intermediate CA certificate: Visit the repository. Download the Intermediate.crt file. Launch the K...
EXECUTIVE SUMMARY The use of the signing algorithm has been deprecated in favor of the newer and more secure SHA-2 algorithm. Google's announcement on Sept 5th 2014 accelerated the timeline for browser checking of SHA-1 in web server SSL certificates so that Chrome will display security notices where SHA-1 is encountered. This will incur negative user experience effects for website visitors where the SSL certificate is using SHA-1. As of 8 September 2015, Comodo will issue SHA-2 certificat...
ISSUE: When installing a certificate issued with a SHA-2 signature algorithms (which includes SHA-256, SHA-384, and SHA-512) on Windows Server 2003, the following error is displayed - " The integrity of this certificate cannot be guaranteed. This certificate may be corrupted or may have been altered. " SOLUTION: In order to resolve this error, Microsoft has released a hotfix in order to provide limited compatibility for certificates issued with SHA-2 signature algorithm, this can be downloaded...
SSL CERTIFICATE INSTALLATION FOR EXCHANGE 2013 If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see Exchange 2013 CSR Generation [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/998/19/exchange-2013-ssl-csr-creation] Using COMODO step-by-step Installation instructions for Exchange 2013 will help you navigate the updates made in the new version of Exchange. Please use the tutorial below or contact our support team if you run...
EXCHANGE 2013 SSL CERTIFICATES CSR CREATION HELP If you already have your SSL Certificate and just need to install it, see Exchange 2013 SSL Installation Instructions [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/997/37/exchange-2013-ssl-certificate-installation] There have been many new changes in Exchange 2013. One of those is that the interface is now accessible through a browser. Your Installation of Exchange 2013 will be easier with our great step-by-step tuto...
This document provides instructions for installing SSL Certificates. If you are unable to use these instructions for your server, COMODO recommends that you contact either the vendor of your software or an organization that supports Stronghold. STEP 1. DOWNLOAD THE COMODO RSA CA CERTIFICATE * Download the Intermediate CA certificate from this link: Comodo [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/620/0/which-is-root-which-is-intermediate] Select the appropri...
PAYPAL IS UPDATING THEIR SSL CERTIFICATES, WHICH WILL IMPACT ALL WEB AND API ENDPOINTS We have been advised that PayPal is going to update their SSL certificates to SHA-2. This update will impact merchants and developers with an integration that does not use the new VeriSign G5 Root Trust Anchor, or those whose hardware / software does not support the SHA-2 signing algorithm. For more information, please refer to the link below: https://devblog.paypal.com/paypal-ssl-certificate-changes/ [htt...
This document provides instructions for generating a Certificate Signing Request (CSR) for Stronghold. If you are not able to use these instructions for your server, COMODO recommends you to contact the server vendor or the organization, which supports Stronghold. NOTE: To generate a CSR, you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one...
Certificate is not installed correctly; the certificate needs to be chained back to the Addtrust root certificate in order to be trusted on the Android. The issue is that the Windows server is not presenting the complete certificate chain; clients which do not have the complete certificate chain will result in this error as encountered on the Android phone. In order to resolve this, on the server which this certificate is installed on, please open the MMC (Microsoft Management Console), and ad...
METHOD 1: VIA CLI 1. Login as root. 2. Adjust the following command to match your information: /OPT/ZIMBRA/BIN/ZMCERTMGR CREATECSR COMM -NEW "/C=US/ST=CALIFORNIA/L=LOS ANGELES/O=COMPANY INC/OU=DEPARTMENT/CN=YOUR.DOMAIN.COM" Where: C = 2-digit country code ST = State/Province L = City O = Organization Name OU = Department (e.g., IT Department) CN = Common Name (mail.domain.com, *.domain.com) If you want to include more than one name in the CSR, you can add -subjectAltNames to the end of the c...
Method 1: Via Zimbra Admin Console 1. Login to your Zimbra Admin Console using a browser. 2. In the left navigation pane under Home click Configure. Click CERTIFICATE. 3. On the right of the Zimbra Admin console click on the settings icon and select Install Certificate. 4. The Certificate Installation Wizard will pop up. 5. Under Server Name Select the Target server you are going to install the certificate for. Click NEXT 6. Select the option Install the commercial signed certificate. C...
In July 2012, the CA/Browser Forum, the industry standards board for Certificate Authorities and the browsers that use Certificates, made a decision to deprecate the usage of reserved IP addresses and internal names for certificates, effective November 1st 2015. All such certificates still outstanding must be revoked by October 31, 2016. _COMODO WILL NOT ISSUE A CERTIFICATE WITH AN EXPIRY DATE LATER THAN 1 NOVEMBER 2015 WITH A SUBJECTALTERNATIVENAME (SAN) EXTENSION OR SUBJECT COMMONNAME (CN) F...
INTERNAL NAMES NOTE: You can no longer include internal names/reserved IP address in your certificates. All publicly trusted SSL Certificates issued to internal names and reserved IP addresses will expire before November 1, 2015. WHAT SUBJECT ALTERNATE NAMES (SANS) SHOULD BE INCLUDED IN AN EXCHANGE 2010 CERTIFICATE? Finding the SANs that need to be included in your Unified Communications (UC) Certificate for Exchange 2010 has been simplified. You can use the Microsoft Exchange Certificate Wiz...
Generating a CSR with DIRECT ADMIN CONTROL PANEL 1. First logon as user 'ADMIN' 2. Modify the 'Access Level' from 'ADMIN LEVEL' to 'User Level', by clicking in the Access Level menu on the right on User Level 3. Click on "SSL CERTIFICATES"(underneath Advanced Features) 4. Select the option "CREATE A CERTIFICATE REQUEST" and enter all requested information given below 2 letter country code - Eg : US for United States and IN for INDIA State , Company(Organization name) ,company Divisi...
Installation of a certificate with DirectAdmin Control Panel 1. LOG ON to DirectAdmin Control Panel. 2. Go to the "SSL CERTIFICATES" panel (underneath Advanced Features). 3. Select the option "PASTE A PRE-GENERATED CERTIFICATE AND KEY". 4. Open your Private Key file and your Certificate file (Mostly in the name of YOURDOMAINNAME.CRT or ORDERNUMBER.CRT) in Notepad and paste them both in the text box.  NOTE : Paste the Private key and then paste the certificate file content 5. When yo...
To install SSL into the QNAP NAS ,you can use the OPENSSL TOOL to create the CSR and PRIVATE KEY . To generate a pair of private key and public Certificate Signing Request (CSR) for a webserver, "server", use the following command :  OPENSSL REQ -NODES -NEWKEY RSA:2048 -KEYOUT MYSERVER.KEY -OUT SERVER.CSR This creates a two files. The file MYSERVER.KEY contains a PRIVATE KEY; do not disclose this file to anyone. Carefully protect the private key. In particular, be sure to backup the pri...
After applying your certificate,you will get the certificate file in the format of ZIP from comodo. That includes the following file yourdomainname_com.crt - your domain certificate yourdomainname_com.ca-bundle - Intermediate file. STEP 1 : You need to Import the files into QNAP By using those file with the private key generated while generate the CSR for installation as follows. Need to import the file in the respective field. Go to QNAP->CONTRAL PANEL->SECURITY->CERTIFICATE & PRIVATE...
PLESK 10 CERTIFICATE INSTALLATION 1.Login to Plesk Control panel 2.select the domain name in which you need to install ssl certificate 3.Click Website and Domains 4.Click Secure your sites 5.Click Add SSL Certificate 6.Upload the certificate files 7.Private key - Browse your private key 8.Certificate - Browser your "domainname.crt" file 9.CA-Certificate- Browser your "domainname.ca-bundle" file Note:If you haven't get the CA-bundle file, please contact our ssl support. 10.Cl...
HOW TO CONFIGURE SSL FOR YOUR WINDOWS AZURE WEBSITE ? Once you have the exported .pfx file, you can use it to configure SSL for your Windows Azure website. 1. In a browser, open and log into the Windows Azure Management Portal. 2. On the web sites tab, under NAME, select your website. 3. On your website's page, click CONFIGURE. 4. On the CONFIGURE tab, in the certificates section, under SUBJECT, click upload a certificate. 5. In the Upload a certificate window, under FILE, click BROWSE...
Here is the list of support for SHA-2 (or) SHA-256 hash algorithm. WEB-BROWSERS : Chrome - Version 26 and above Mozilla Firefox - Version 1.5 and above Internet Explorer - Version 6.0 and above (must have Windows XP Service Pack 3 installed or above). Java based applications and products - Version 1.4.2 and above Konqueror - Version 3.5.6 and above Netscape - Version 7.1 and above OpenSSL based applications and products - Version 0.9.8 and above Opera - Version 9.0 and above ...
Requirements for this installation : WWW_DOMAIN.CRT and WWW_DOMAIN.CA-BUNDLE 1. Log in to your Plesk Panel 2. Go to the WEBSITES & DOMAINS tab and select the domain you want to secure. 3. Click on ‘SECURE YOUR SITES’ 4. Select the SSL certificate that was created while generating the CSR code 5. On the next page locate the 'UPLOAD CERTIFICATE FILES' section. Click on the 'BROWSE' button and locate the certificate and the CA bundle files from your computer. After both files are chosen, clic...
To Generate a CSR on a Plesk 12 System, perform the following: 1. Log into Plesk Panel. To Generate a CSR on a Plesk 12 System perform the following. 2. Under "HOSTING SERVICES", select "Domains". Click the domain name you wish to protect. This link will open the Control panel for that domain. 3. In the Control Panel, go to the WEBSITES & DOMAINS tab. Click the "Show More" tag to display management options. 4. Click "SECURE YOUR SITES". 5. In the "SSL CERTIFICATES" page that then opens, clic...
OVERVIEW This page will help you in Creating Certificate Signing Request (CSR) for your domain. NAVIGATE TO CSR Navigate to the CERTIFICATE SIGNING REQUEST menu under the Security section in the Webuzo Enduser Panel. [http://www.webuzo.com/wiki/File:Csr_home.png] PROCEDURE You must have Private Key for the Domain for which you want to create the Certificate Signing Request (CSR). Populate the details for creating the Certificate Signing Request (CSR) Note : Certificate Signing Request ...
If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see Mac OS X Mavericks Server: SSL Certificate CSR Creation [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1038/0/os-x-mavericks-server-ssl-certificate-csr-creation]. MAC OS X MAVERICKS: INSTALLING YOUR SSL CERTIFICATE To install your Mac OS X Mavericks SSL Certificate, complete the steps below. * Install your SSL Certificate. * Assign Your SSL Certificate to Serv...
If you already have your SSL Certificate and just need to install it, see Mac OS X Mavericks Server: SSL Certificate Installation [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1037/0/os-x-mavericks-server-ssl-certificate-installation]. MAC OS X MAVERICKS: CSR CREATION USING THE SERVER APP To get a valid SSL Certificate, you must first generate a CSR (certificate signing request). Then, you will use the contents of the CSR to order your SSL Certificate. Once you re...
This article explains the process of converting a Java Keystore file, into a PKCS12 file which is a .pfx or .p12 . Requirements - A Java Keystore containing the root, intermediate, and your domain/end entity certificate which was imported by following these instructions. [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/638/37/certificate-installation-java-based-web-servers-tomcat-using-keytool] In order to convert the Java Keystore file into a .pfx or .p12 file, you ...
INSTALLING YOUR SSL CERTIFICATE ON _INTERWORX CONTROL PANEL_: 1. Once you received your SSL certificate by e-mail, please copy and paste it into a text file and save the file with the .crt extension. (Include the tags -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----). 2. Launch SITEWORX CONTROL PANEL. 3. Click on the SSL CERTIFICATES item. 4. Look at the SSL certificates controls in the main content area. 5. Click SETUP SSL CERTIFICATE. 6. Open your SSL certificate file and c...
 CSR GENERATION IN GOOGLE APP ENGINE To create the CSR , execute the following command in openssl.    OPENSSL REQ -NODES -NEWKEY RSA:2048 -KEYOUT MYSERVER.KEY -OUT SERVER.CSR This creates two files. The file myserver.key contains a private key; do not disclose this file to anyone. Carefully protect the private key. Once the CSR has been created then you should submit it to the CA (Comodo) to get the CA bundle and the domain certificate.
2X APPLICATION SERVER CSR AND INSTALLATION INSTRUCTIONS 2X APPLICATION SERVER CSR CREATION By enabling SSL encryption, your 2X Gateway provides encryption to your terminal servers. You can enable clients to connect using SSL by checking the box to "Enable SSL on Port:", usually using 443 as the default SSL setting. You can find this option under the SSL/TLS tab of the 2X Secure Client Gateway Properties window. To access the Gateway Properties window, click on the Farm in the Navigation pan...
SSL CERTIFICATE COUNTRY CODES FIND YOUR COUNTRY CODE FROM THE LIST PROVIDED BELOW COUNTRY CODES ARE REQUIRED WHEN CREATING A CERTIFICATE SIGNING REQUEST. THE SSL CERTIFICATE COUNTRY CODES THAT YOU NEED TO ENTER WHEN CREATING YOUR CSR ARE AS FOLLOWS: * US United States of America * CA Canada * AX Åland Islands * AD Andorra * AE United Arab Emirates * AF Afghanistan * AG Antigua and Barbuda * AI Anguilla * AL Albania * AM Armenia * AN Netherlands Antilles * AO Angola ...
3COM WIRELESS LAN CSR CREATION Before you can generate a Certificate Signing Request (CSR) for your 3Com Wireless Lan Switch and Controller, you will need to create the private key from which your CSR can then in turn be created. * Running the following command should elicit the response _key pair generated_ and generate a 2048-bit private key. WX1200#crypto generate key web 2048 In the above example, "web" represents a certificate for web access so users can use a web page to log onto ...
CSR CREATION FOR ADOBE CONNECT This is a full walk through of how to setup and install Adobe Connect 7 Pro with SSL. If you are having trouble with your CSR creation or SSL installation, hopefully this can clarify any issues you encountered understanding the Adobe documentation. If you do not have OpenSSL (a common SSL manipulation tool), you will want to download it online before continuing. CREATING CSRS AND PRIVATE KEYS IN ADOBE CONNECT 7 PRO * You will need to create two private k...
HOW TO CREATE A CSR ON AEP NETILLA AND INSTALL YOUR SSL CERTIFICATE Setting up your SSL on a AEP Netilla device should be fairly straightforward through the Netilla Admin panel. * Open your Netilla Admin panel and go to System Configuration, General, SSL, and then choose to "Request New Certificate." * You will be presented with a form to enter your company's information which will be submitted to COMODO as part of your certificate request. Most of the requested information should be...
ALPHA FIVE APPLICATION SERVER CSR CREATION * You will generate your Certificate Signing Request (CSR) from your Alpha Five Application Server where the certificate will be installed. Be sure to keep the private key that you generate during the CSR creation process, as it will be needed when you receive your certificate. * To create the CSR, go to the Application Server Settings window and the tab labeled "SSL". * Click the long button at the bottom of the tab with the label "Generate a...
CSR CREATION FOR BARRACUDA SPAM & ANTIVIRUS 300 VERSION 5 If you already have your SSL Certificate files and just need to install them, see SSL Installation - Barracuda Spam And Virus Firewall 300 [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1086/0/barracuda-spam--virus-firwall-300-ssl-installation]. CREATE YOUR CSR If you are looking for a CSR creation tutorial for older versions of Barracuda devices please see our CSR Creation for Barracuda Devices Below Versi...
CERBERUS FTP SERVER: CREATE CSR & INSTALL SSL CERTIFICATE Use these instructions to create your CSR (certificate signing request) and then, to install your SSL, intermediate, and root certificates. * To create your CSR, see Cerberus FTP Server: Create Your CSR (Certificate Signing Request). * To install your SSL Certificate, see Cerberus FTP Server: Install Your SSL Certificate. 1. CERBERUS FTP SERVER: CREATE YOUR CSR (CERTIFICATE SIGNING REQUEST) CERBERUS FTP SERVER: HOW TO GENERAT...
NOTE: If you already have your SSL Certificate and just need to install it, see Lync 2010: Installing a SSL Certificate [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1073/0/lync-server-2010-certificate-installation]. LYNC 2010: GENERATING A CSR * On the Windows START menu, click ALL PROGRAMS > MICROSOFT LYNC SERVER 2010 > LYNC SERVER DEPLOYMENT WIZARD. * In the LYNC SERVER 2010 – DEPLOYMENT WIZARD, click INSTALL OR UPDATE LYNC SERVER SYSTEM. * Under STEP...
LYNC SERVER 2010: SSL CERTIFICATE INSTALLATION If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see Lync 2010: Creating a CSR [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1072/0/lync-server-2010-csr-creation]. LYNC 2010: INSTALLING YOUR SSL CERTIFICATE * On the Windows START menu, click All PROGRAMS > MICROSOFT LYNC SERVER 2010 > LYNC SERVER DEPLOYMENT WIZARD. * In the LYNC SERVER 2010 – DEPLOYMENT WIZARD, cli...
HOW TO GENERATE A CSR FOR LYNC 2013 * From the Windows start menu click on LYNC DEPLOYMENT WIZARD icon. * Click on INSTALL or UPDATE Lync Server System. * Under the Request, Install or Assign Certificates section click RUN. * Choose External Edge Certificate and click REQUEST. * Click NEXT. * Choose Prepare the request now, but send it later. * Choose the name and destination for the CSR text file. (i.e. C:DesktopExampleCSR.txt). * On the Specify Alternate Certificate Te...
HOW TO INSTALL YOUR SSL CERTIFICATE IN LYNC 2013 * From the Windows start menu click on Lync Deployment Wizard icon. * Click on INSTALL or update Lync Server System. * Under the Request, Install or Assign Certificates section click RUN. * Choose External Edge Certificate and click IMPORT CERTIFICATE. * Use the Browse button, and locate your certificate file (will be .pfx if you used DigiCert Windows Utility. If using a .pfx file be sure to check the Certificate file contains ...
FILEZILLA: CSR CREATION USING OPENSSL Use these instructions to build your own shell commands to generate your FileZilla CSR. HOW TO GENERATE A CSR FOR FILEZILLA USING OPENSSL If you prefer, you can build your own shell commands to generate your FileZilla CSR. * Use your terminal (ssh) to login to your FileZilla server. * At the prompt, enter the following command, making sure to replace server with the name of your server: openssl req -new -newkey rsa:2048 -nodes -keyout server.k...
SSL CERTIFICATE INSTALLATION IN FILEZILLA Use these instructions to install your SSL Certificate for FileZilla. Before installing your SSL Certificate, you first need to create a Certificate Signing Request (CSR). See OpenSSL Certificate Signing Request (CSR) Creation for FileZilla SSL [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1076/0/filezilla-csr-creation-using-openssl]. HOW TO INSTALL AN SSL CERTIFICATE FOR FILEZILLA * On your FileZilla server, open Fil...
CREATE CSR ON ZIMBRA AND SSL INSTALLATION ZIMBRA CSR CREATION * Log in as _root._ * Adjust the following command to match your information: /OPT/ZIMBRA/BIN/ZMCERTMGR CREATECSR COMM -NEW "/C=US/ST=NJ/L=CLIFTON/O=COMPANY INC/OU=DEPARTMENT/CN=YOUR.DOMAIN.COM" Where: C = 2-digit country code ST = State/Province L = City O = Organization Name OU = Department (e.g., IT Department) CN = Common Name (mail.domain.com, *.domain.com) If you want to include more than one name in the ...
CSR CREATION FOR TOMCAT KEYSTORE SSL CERTIFICATES If you already have your SSL Certificate and just need to install it, see Tomcat Web Server SSL Certificate Installation [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1080/0/tomcat-ssl-certificate-installation]. HOW TO GENERATE A CSR IN TOMCAT WITH KEYTOOL **NOTE: YOU MUST GENERATE A NEW KEYSTORE BY FOLLOWING THIS PROCESS. IF YOU TRY TO INSTALL A NEW CERTIFICATE TO AN OLD KEYSTORE YOUR CERTIFICATE WILL NOT WORK P...
SSL CERTIFICATE INSTALLATION IN TOMCAT WEB SERVER If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see SSL Certificate CSR Creation [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1079/0/tomcat-csr-generation] * To install the SSL Certificate file to your keystore, type the following command: KEYTOOL -IMPORT -TRUSTCACERTS -ALIAS SERVER -FILE YOUR_SITE_NAME.P7B -KEYSTORE YOUR_SITE_NAME.JKS * You should get a conf...
RADWARE ALTEON APPLICATION SWITCH If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see Create a CSR for Radware Alteon Application Switch [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1083/0/radware-alteon-application-switch-csr-generation]. SSL INSTALLATION FOR THE RADWARE ALTEON APPLICATION SWITCH * Create PEM file by pasting the contents of www_yourdomain_com.crt to the beginning of the intermediate certificate ...
RADWARE ALTEON APPLICATION SWITCH If you already have your SSL Certificate and just need to install it, see Install an SSL Certificate on a Radware Alteon Application Switch [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1082/0/radware-alteon-application-switch-ssl-installation]. HOW TO CREATE A CSR FOR THE RADWARE ALTEON APPLICATION SWITCH. * Log in to your COMODO account and download your Intermediate (COMODOCA.crt) and Primary (your_domain_name.crt) certifi...
If you already have your SSL Certificate and just need to install it, see Lotus Domino 8.5 SSL Certificate Installation [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1085/0/lotus-domino-85-ssl-certificate-installation]. CREATE CSR ON DOMINO SERVER 8.5 GENERATING YOUR CERTIFICATE SIGNING REQUEST DOMINO 8.5X * In the Domino Administration client, double-click on Server Certificate Administration. * Choose "Create Key Ring." * If prompted, enter a name and...
If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see Lotus Domino 8.5 CSR Creation Instructions [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1084/0/lotus-domino-85-csr-generation]. INSTALL SSL ON A LOTUS DOMINO WEB SERVER VERSION 8.5 _As is the case when working with certificate keystores, you need to make sure that when importing your SSL certificates to your Lotus Domino 8.5 Web Server that the files are imported to ...
INSTRUCTIONS TO INSTALL SSL CERTIFICATE BARRACUDA FIRMWARE VERSION 5 If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see CSR Creation Barracuda Spam and Virus Firewall Version 5 [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1070/0/barracuda-spam-and-virus-firewall-300-csr-generation]. SSL INSTALLATION To install your SSL certificate file you will need to be logged into the Barracuda as an administrator. * Go to t...
BARRACUDA CSR CREATION If you already have your SSL Certificate and just need to install it, see SSL Certificate Installation :: Barracuda [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1088/0/barracuda-ssl-installation]. HOW TO GENERATE A CSR FOR A BARRACUDA SPAM FIREWALL In order to generate a Certificate Signing Request for your Barracuda Firewall, navigate to the Advanced > SSL or Advanced > Secure Administration page and follow these steps: * Fill in all...
BARRACUDA SSL CERTIFICATE INSTALLATION If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see SSL CSR Creation for a Barracuda Spam Firewall [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1087/0/barracuda-spam-firewall-csr-generation]. INSTALLING YOUR BARRACUDA SSL CERTIFICATE A pre-built .pem file should have been emailed to you when your certificate was issued. If you did not receive that file, you can download it insi...
QUICK GUIDE TO INSTALL SSL CERTIFICATE ON GOOGLE APP ENGINE STEP 1: CREATE CSR (CERTIFICATE SIGNING REQUEST) FOR GAE Before you start the installation process, you need to generate a new CSR. You will get a private key along with CSR when you generate your CSR. STEP 2: DOWNLOAD AND EXTRACT SSL CERTIFICATE FILES Once you complete the CSR and the order process the certificate authority will send you the certificate files via a registered email address included with a zip file. This file c...
APACHE: CREATE ECC CSR AND INSTALL ECC SSL CERTIFICATE Before generating an ECC CSR (Elliptic Curve Cryptography Certificate Signing Request) and ordering an ECC SSL Certificate form COMODO, make sure that your environment is compatible with ECC SSL Certificates. For more information about Elliptic Curve Cryptography, see Elliptic Curve Cryptography ECC Explained [http://support.comodo.com/ecc.htm]. Use these instructions to generate the ECC CSR and then install your ECC SSL Certificate. ...
THE HISTORY AND BENEFITS OF ECC CERTIFICATES The constant back and forth between hackers and security researchers, coupled with advancements in cheap computational power, results in the need for continued evaluation of acceptable encryption [http://support.comodo.com/ssl-cryptography.htm] algorithms and standards. RSA is currently the industry standard for public-key cryptography and is used in the majority of SSL/TLS Certificates. A popular alternative, first proposed in 1985 by two resear...
MICROSOFT SERVERS: CREATE ECC CSR AND INSTALL ECC SSL CERTIFICATE Before generating an ECC CSR (Elliptic Curve Cryptography Certificate Signing Request) and ordering an ECC SSL Certificate form COMODO, make sure that your environment is compatible with ECC SSL Certificates. For more information about Elliptic Curve Cryptography, see Elliptic Curve Cryptography ECC Explained [https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/1105/0/what-is-eliptic-curve-cryptography-ecc]. ...
INTRODUCTION STATUS Feature complete, needs testing. FEDORA The dogtag packages are now available in Fedora. The required packages should be pulled in as dependencies when ipa-server is installed. This just makes the binaries available for the IPA installer script. The installer creates and configures the necessary dogtag components to stand up a CA. INSTALLING A dogtag CA is installed by default by IPA. To install using a self-signed CA instead of dogtag pass in the --selfsign argumen...
You may have to convert a JKS to a PKCS#12 for several reasons. For example, if you have to copy or transfer your certificate from a TOMCAT server (or a platform using JKS file type) to a server using PKCS#12 file type such as Microsoft. The PKCS#12 could also be converted to be installed on platforms using PEM files (Apache for example). PREREQUISITES: * Keytool application (supplied along with JDK 1.1 and higher) * A JKS file containing the certificate, the private key and the certific...
To install the SSL Certificate on your Small Business Server 2008, follow the instructions below. 1. Extract the contents of the .zip file that contains your SSL Certificate and the chain certificates. Save the certificates to the Small Business Server where you generated the CSR. 2. To install the ROOT and INTERMEDIATE CERTIFICATES, check the below article. > ADDING ROOT AND INTERMEDIATE CERTIFICATES VIA MMC > [HTTPS://SUPPORT.COMODO.COM/INDEX.PHP?/DEFAULT/KNOWLEDGEBASE/ARTICLE/VIEW/636/0...
1. CREATE DIRECTORY FOR THE KEYSTORE AND CSR: Open a command prompt and type the following: _> mkdir sslcert_ Then cd to the newly created directory by typing the following command: _> cd sslcert_ 2. CREATE KEYSTORE: Use the following command to create a keystore: _> keytool -genkey -alias youralias -keyalg RSA -keystore yourkeystorename.jks -keysize 2048_ You will be prompted to enter keystore password. The default password that comes with glassfish is "_CHANGEIT_" except you ha...
If you have multiple servers that need to use the same SSL certificate, such as in a load-balancer environment or using a wildcard [https://ssl.comodo.com/wildcard-ssl-certificates.php] or UC SSL certificates [https://ssl.comodo.com/unified-communications-uc-ssl-certificates.php], you can convert the certificates and private key to a .PFX FILE and THEN IMPORT THE CERTIFICATE ON WINDOWS SERVER SO IT CAN BE USED IN IIS OR EXCHANGE. This may also be necessary when you switch hosting companies. We w...
STEP 1: INSTALLING INTERMEDIATE CERTIFICATES: 1. In the main menu navigate to CERTIFICATES > INTERMEDIATE CERTS. 2. Click the ADD NEW button. 3. Click CHOOSE FILE. 4. Browse to the location and path of your Intermediate .pem 5. Specify a name of your choice for your intermediate certificate under the Certificate Name field 6. Click ADD CERTIFICATE. 7. Click OK. STEP 2: INSTALLING YOUR SSL CERTIFICATE: 1. In the main menu of the LoadMaster WUI go to CERTIFICATES > SSL CERTIFICATES. 2. Click...
Like all certificates you must first create a CSR public/private key pair The CSR should be given to Comodo for signing and the private key will be left on the server. Follow the steps below to generate a CSR: STEP 1: GENERATING YOUR CSR KEYPAIR: * Log into your Kemp LoadMaster WUI. * In the main menu of the LoadMaster WUI, select CERTIFICATES > SSL CERTIFICATES. * Specify a name for you private key in the PRIVATE KEY IDENTIFIER field. * Click GENERATE CSR 5. Specify the following i...
CAUSE: This error occurs if the server administrator does not have permissions to the local security policy on Microsoft Windows 2008 server. SOLUTION: Although the error occurs during installation, the certificate might still install successfully. Check the bindings to see if the new certificate is available to be assigned. If the SSL certificate is not in available in the bindings list then proceed with the below instructions to set the appropriate permissions. To bind the certificate ...
1. Open the Windows SBS Console. 2. Click NETWORK > CONNECTIVITY. 3. On the CONNECTIVITY tab, under TASK, in the CONNECTIVITY TASKS section, click ADD A TRUSTED CERTIFICATE. 4. In the Add a Trusted Certificate wizard, on the Before you begin page, click NEXT. 5. On the Get the Certificate page, select 'I WANT TO BUY A CERTIFICATE FROM A CERTIFICATE PROVIDER' and then, click NEXT. 6. On the VERIFY THE INFORMATION FOR YOUR TRUSTED CERTIFICATE page, make sure that the information is corre...
1. First off, you need to ensure that you have root access. Otherwise, please contact the webhosting/server administrator. 2. Log into the SSH. 3. Run the following command and replace the domain_name with your domain name such as comodo.com, > _# OPENSSL PKCS12 -EXPORT -OUT /BACKUP/DOMAIN_NAME.PFX -INKEY > /ETC/SSL/PRIVATE/DOMAIN_NAME.KEY -IN /ETC/SSL/CERTS/DOMAIN_NAME.CRT_
Use these instructions to create your CSR (certificate signing request) and then, to install your SSL and intermediate certificates. * To create your CSR, see Citrix NetScaler VPX: Create Your CSR (Certificate Signing Request). * To install your SSL Certificate, see Citrix NetScaler VPX: Install Your SSL Certificate. These instructions were created using Citrix NetScaler 10.1 VPX (50). Depending on which version of Citrix NetScaler VPX you are using, you may need to modify these instr...
This article assumes that you have already created a pending private key in your Key Manager. If you have not created one yet, please check the CSR Generation- JSCAPE MFT Server article. PREREQUISITES: Concatenate the CAbundle and the certificate file which we sent you using the following command. _> CAT DOMAIN_COM.CRT DOMAIN_COM.CA-BUNDLE > SSL-BUNDLE.CRT_ If you are Using GUI Text Editor (Ex: Notepad): (i) To concatenate the certificate files into single bundle file, first open DOMAIN...
The JSCAPE MFT Server uses Key Manager to create and implement SSL certificates. This knowledge base article will describe the process for generating a CSR using the Key Manager. * Start off by opening KEY MANAGER. You can do this by navigating to FILE and then selecting the KEY MANAGER file from the main menu. * When the KEY MANAGER dialog appears, click on the SERVER KEYS tab at the top. * Click on the GENERATE button at the bottom. * In the new GENERATE KEY WIZARD. STEP 1 OF 2 windo...
1. Create an https_server.js file using the following values. you can create file with any name using .js extension. _# VIM HTTPS_SERVER.JS_ var https = require('https'); var fs = require('fs'); var https_options = { ca: fs.readFileSync("/path/to/mydomain.ca-bundle"), key: fs.readFileSync("/path/to/server.key"), cert: fs.readFileSync("/path/to/mydomain.crt") }; https.createServer(options, function (req, res) { res.writeHead(200); res.end("Welcome to Node.js HTTPS Servern"); }).listen(...
MDaemon does not have a method of creating a Certificate Signing Request (CSR) for you in order to obtain a third party SSL certificate issued by a Trusted Root Authority (such as COMODO). Windows has a command line utility, CERTREQ.EXE that will allow you to create a certificate request and import the new certificate into the Windows Certificate Store, where it can be used with MDaemon. 1. GENERATING A CSR : The example below will generate a CSR for a 2048 bit key length certificate. * ...
SSL .pem files (concatenated certificate container files), are frequently required for certificate installations when multiple certificates are being imported as one file. This article contains multiple sets of instructions that walk through various .pem file creation scenarios. CREATING A .PEM WITH THE ENTIRE SSL CERTIFICATE TRUST CHAIN * Log into your Comodo Management Console [https://secure.comodo.com/] and download your Intermediate (COMODOCA.crt), Root (addtrustexternalcaroot.crt),...
SSL INSTALLATION HEROKU All we need to have is the certificate and private key for SSL installation. SSL configuration on Heroku depends slightly on where you are deploying your application. CREATE THE ADDON It is required only if you app in common Runtime. Else you can skip this step. $ heroku addons:create ssl:endpoint ADDING CERTIFICATE, INTERMEDIATE AND PRIVATE KEY We need to combine the certificate and the bundle to a single .crt file. _CAT DOMAIN_COM.CRT DOMAIN_COM.CA-BUNDLE...
HOW DO I MAKE MY OWN BUNDLE FILE FROM CRT FILES? ANSWER: You may do this using you favorite text editor or by using the command line. Example: # Root CA Certificate - AddTrustExternalCARoot.crt # Intermediate CA Certificate 1 - ComodoRSAAddTrustCA.crt OR ComodoECCAddTrustCA.crt # Intermediate CA Certificate 2 - ComodoRSADomain/Organization/ExtendedvalidationSecureServerCA.crt OR ComodoRSAECCDomain/Organization/ExtendedvalidationSecureServerCA.crt # Intermediate CA Certificate 3 - ComodoSHA25...
Installing Comodo's SSL certificate on a Dovecot server is straight forward and simple. Please follow these instructions to install your SSL certificate on a Dovecot IMAP Server: STEP 1: Along with your certificate you may get the root and intermediate certificates. For Dovecot/Exim you need to put all these certificates including your site's certificate into one bundle file in order of decreasing distance from the root. The "CA-BUNDLE" file already includes the root and intermediates (_COMO...
  Obtain the SSL certificate issued from Certificate Authority (COMODO [https://ssl.comodo.com/]). When generating your CSR, you created a self-signed certificate as well (see Generate a CSR for Cisco Ironport [https://www.tbs-certificates.co.uk/FAQ/en/generer_csr_cisco_ironport.html]). Click on this certificate. Import the server certificate under UPLOAD SIGNED CERTIFICATE. Upload the Intermediate certificates under UPLOAD INTERMEDIATE CERTIFICATES. Repeat if necessary for additional in...
CSR GENERATION : CISCO IRONPORT Connect to Network/Certificates in Cluster mode and click on "Add Certificates". Select "Create Self-Signed Certificate" and fill the fields indicated Country Name (2 letter code) [AU]: GB State or Province Name (full name) [Some-State]: YORKS Locality Name (eg, city) []: YORK Organization Name (eg, company) [Internet Widgits Pty Ltd]: MYCOMPANY LTD Organizational Unit Name (eg, section) []: IT Common Name (eg, YOUR name) []: MYSUBDOMAIN.MYDOMAIN.COM Email A...
Starting 1st of August 2016, Comodo will no longer offer SGC variants of our certificates. The move away from SGC to a new certificate type will not impact any website security or browser ubiquity. All Comodo certificates are trusted by 99.9% of browsers and mobile devices and use the very latest security technologies (including SHA-2 algorithms, 2048 signatures and RSA/ECC keys). WHY ARE WE DEPRECATING SGC? While very important in the early part of the millennium, SGC technology has become ...
If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see . [http://support.comodo.com/"https://support.comodo.com/index.php?/Knowledgebase/Article/View/1160/38/csr-generation-microsoft-iis-8x
If you already have your SSL Certificate and just need to install it, see IIS 8 and IIS 8.5 SSL Certificate Installation [https://support.comodo.com/index.php?/Knowledgebase/Article/View/1159/0/certificate-installation-microsoft-iis-8x]. HOW TO CREATE A CSR ON WINDOWS SERVER 2012 - IIS 8 AND WINDOWS SERVER 2012 R2 - IIS 8.5   * From the Start screen, click or search for INTERNET INFORMATION SERVICES (IIS) MANAGER and open it. * Click on the server name. * From the center menu, d...
Comodo Certificate Auto-installer is an easy-to-use utility which simplifies the often complex process of obtaining and installing an SSL certificate on IIS web-servers.
SSL CERTIFICATE INSTALLATION IN APACHE. COPY THE CERTIFICATE FILES TO YOUR SERVER. APACHE SERVER SSL CERTIFICATE INSTALLATION * Download your Intermediate (ComodoRSACA.crt) and Primary Certificate (your_domain_name.crt) files from your Customer Area, then copy them to the directory on your server where you will keep your certificate and key files. Make them readable by root only. * FIND THE APACHE CONFIG FILE TO EDIT. The location and name of the config file can vary from server to s...
There are a few different SSL-related errors in Apache that can cause the following issues: * SSL errors are reported in the log file causing Apache to not start * Untrusted certificate warnings in browsers or intermediate certificate errors on COMODO.com/help * The browser error message "ssl_error_rx_record_too_long" ERRORS THAT KEEP APACHE FROM STARTING Errors that keep Apache from starting can be very frustrating. This usually happens when Apache is reading the configuration files a...
Depending on how your Apache servers are configured, you may need to disable SSL v3. Note that older versions of Internet Explorer may not have the TLS protocol enabled by default. If you disable SSL versions 2.0 and 3.0, the older versions of Internet Explorer will need to enable the TLS protocol before they can connect to your site. APACHE: HOW TO DISABLE THE SSL V3 PROTOCOL * Locate your SSL Protocol Configuration on your Apache server. For example, * Type one the following com...
To encrypt communications between you and your end users, you purchase a SSL Certificate, install it on your server, and then configure your website to use the certificate to protect these communications. The SSL connection begins when the end user's browser reaches out to shake hands with your website. During this handshake, information regarding the ability of the browser and server are exchanged, validation occurs, and a session key that meets both the browser's and server's criteria is cre...