SSL Configuration
- Select a website from the drop-down at top-left
- Click the 'SSL' tab
- SSL certificates identify a website’s owner, and encrypt all data that passes between the site and a visitor's browser.
There are two ways to deploy a certificate:
1)
Bring your own SSL certificate
- Upload your site’s existing certificate to the cWatch CDN edge servers. Recommended for most customers.
- This will secure the traffic between your site (the origin server) and the cWatch CDN.
- See Upload your own SSL Certificate to find out how to deploy your certificate.
2)
Get a free SSL certificate
- Deploy a free certificate from Comodo to the CDN Edge servers. Again, this will encrypt traffic between your site and the CDN.
You
need to configure your site to use Comodo DNS in order to get the
free certificate. There are two ways to
do this:
-
Change your domain's authoritative DNS servers to Comodo DNS
OR -
Enter DNS records explicitly
Help to configure DNS is available in Activate CDN for a Website
Upload your own SSL Certificate
- Open the cWatch dashboard
- Select the target website from the menu at top-left
- Click the 'SSL' tab
- Or click the hamburger button and select 'SSL'
- Click 'Order SSL Certificate' if you do not already have a certificate on your site
- You will be taken to SSL purchase page to buy a new certificate
- You can install the certificate on your web-server then upload it to cWatch.
- Click 'Upload Your SSL Certificate' to submit your existing certificate:
Upload Your Certificate - Table of Parameters |
|
---|---|
Parameter |
Description |
Certificate |
Paste the content of your certificate. The content you need looks something like this: -----BEGIN CERTIFICATE----- MIICUTCCAfugAwIBAgIBADANBgkqhkiG9w0BAQQFADBXMQswCQYDVQQGEwJDTjEL MAkGA1UECBMCUE4xCzAJBgNVBAcTAkNOMQswCQYDVQQKEwJPTjELMAkGA1UECxMC VU4xFDASBgNVBAMTC0hlcm9uZyBZYW5nMB4XDTA1MDcxNTIxMTk0N1oXDTA1MDgx NDIxMTk0N1owVzELMAkGA1UEBhMCQ04xCzAJBgNVBAgTAlBOMQswCQYDVQQHEwJD TjELMAkGA1UEChMCT04xCzAJBgNVBAsTAlVOMRQwEgYDVQQDEwtIZXJvbmcgWWFu ZzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCp5hnG7ogBhtlynpOS21cBewKE/B7j V14qeyslnr26xZUsSVko36ZnhiaO/zbMOoRcKK9vEcgMtcLFuQTWDl3RAgMBAAGj gbEwga4wHQYDVR0OBBYEFFXI70krXeQDxZgbaCQoR4jUDncEMH8GA1UdIwR4MHaA FFXI70krXeQDxZgbaCQoR4jUDncEoVukWTBXMQswCQYDVQQGEwJDTjELMAkGA1UE CBMCUE4xCzAJBgNVBAcTAkNOMQswCQYDVQQKEwJPTjELMAkGA1UECxMCVU4xFDAS BgNVBAMTC0hlcm9uZyBZYW5nggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEE BQADQQA/ugzBrjjK9jcWnDVfGHlk3icNRq0oV7Ri32z/+HQX67aRfgZu7KWdI+Ju Wm7DCfrPNGVwFWUQOmsPue9rZBgO |
SSL Chain Certificate |
If your certificate contains an |
Certificate Key |
|
- Click 'Upload Your SSL Certificate'
The SSL certificate will be uploaded to the CDN edge servers.
Once uploaded, traffic between the CDN and your website visitors is encrypted. Since the certificate is already installed on your site, the communication between the origin and the CDN is also encrypted.
Install
- Open the cWatch dashboard
- Select the target website from the menu at top-left
- Click the 'SSL' tab
- Or click the hamburger button and select 'SSL'
- Scroll down to 'Complimentary Comodo SSL (Edge Certificate)':
You have two options to enable the free certificate:
- Option A - Change your domain's authoritative DNS servers to Comodo - Applies if you have already pointed your
name servers to Comodo authoritative DNS.
- Option B - Create a CNAME record which points to Comodo - Applies if you have entered explicit DNS records to your domain's DNS settings
Option A - Change your domain's authoritative DNS servers to Comodo
Prerequisite – You have configured the site to use Comodo DNS by adding the name server (NS) records.
See DNS Configuration for more details. |
- Scroll to 'Option A - Change your domain's authoritative DNS servers to Comodo'
- Select 'Click here for more details'
- Click the 'Activate Basic SSL Now' button
- The process will take a few minutes to complete
- Once activated, you can see the certificate in 'Settings' > 'SSL', listed under 'Complimentary Comodo SSL (Edge Certificate)'.
The certificate is valid for one year and is set for auto-renewal.
- Note – This certificate encrypts the connection between the CDN servers, which host a copy of your site, and your website visitors.
It does not encrypt the traffic between your web-server and the CDN edge servers.
- You need to upload your own certificate to encrypt CDN <--> origin site traffic. See 'Upload your own SSL Certificate' for more details.
Option B - Create a CNAME record which points to Comodo
- Scroll to 'Option B - Create CNAME record pointed back to Comodo'
- Select 'Click here for more details'
- Select 'Click here for more details' beside 'Option B - Create CNAME record pointed back to Comodo'
- Click the 'Activate Basic SSL Now' button:
cWatch generates a CNAME record for domain control validation.
- Note down the 'CNAME KEY' and 'CNAME VALUE' records
- Go to your website's DNS management page and enter the 'CNAME KEY' and 'CNAME VALUE' records
- If you need more help regarding adding 'CNAME KEY' and 'CNAME VALUE' records, visit https://support.google.com/a/topic/1615038?hl=en
- After the CNAME records are added to your domain's DNS settings, the certificate will be activated and deployed to the edge servers. It may take up to two hours to complete.
- Note - This certificate encrypts the connection between the CDN servers, which host a copy of your site, and your website visitors
- It does not encrypt the traffic between your web-server and the CDN servers
- You need to upload your own certificate to encrypt CDN <--> origin site traffic. See 'Upload your own SSL Certificate' for
more details . See 'Upload your own SSL Certificate' for more details.