Results 1 to 19 of 19
  1. #1
    Join Date
    Nov 2013
    Posts
    262

    Backup our SSL certificate

    Hi,

    I'm trying to backup our ssl cert from GoDaddy
    and keep that SSL with us. in case we need to
    move elsewhere.

    do I backup from cPanel's SSL/TLS Manager
    or from the GoDaddy SSL Certificates area?

    it's a little confusing, in cPanel's SSL/TLS Manager
    under Private Keys (KEY), I see 3 key entry's

    domain.com
    domain.com 1
    domain.com created 7/10/14 7:06 AM UTC

    oddly enough the first entry "domain.com" is what cPanel
    says is the key being used.
    "This private key is in use by the following resources:"

    have no idea why the third entry comes off as being the
    correct key at first glance, or even why there is 3 keys
    to begin with.

    under Certificates (CRT)
    I just have one entry looking like this
    domain.comwww.domain.com

    so far I backed up the key, cPanel says is in use
    and the one under Certificates (CRT)

    is that all I need to do in case I need to move and
    install it again?.

    Thanks
    sonnb

  2. #2
    There's no need to backup your SSL cert. You can always regenerate another one for free. If you move to a different server, your current SSL cert is unusable anyway and you would need to regenerate one.
    YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
    Reliable web site hosting is our motto. We have Alertra stats to back that up.
    Proven provider of high quality shared and reseller accounts since 2002.

  3. #3
    Join Date
    Nov 2013
    Posts
    262
    Quote Originally Posted by net-trend View Post
    There's no need to backup your SSL cert. You can always regenerate another one for free. If you move to a different server, your current SSL cert is unusable anyway and you would need to regenerate one.
    thanks
    sonnb

  4. #4
    Join Date
    Feb 2006
    Posts
    5,393
    The first thing to check is whether or not your certificate supports reissues and at what cost (if any). Most of the time reissues are included free of charge, but not always.

    If your certificate does not support being reissued, saving the private key along with the certificate itself will allow you to move the SSL as needed (be sure to also keep a copy of any CA certificates).
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  5. #5
    Join Date
    May 2013
    Location
    India
    Posts
    747
    I am afraid, there was a slight confusion. You can use same SSL certificate if you move to a new server ( same web server arch ). Only thing is, you need to have the CRT, CA Cert and Private Key info of the current SSL certificate. Of course, you can re-issue the certificate any time ( based on your provider and type of certificate ) if you would like.

  6. #6
    Join Date
    Nov 2013
    Posts
    262
    Quote Originally Posted by DWS2006 View Post
    The first thing to check is whether or not your certificate supports reissues and at what cost (if any). Most of the time reissues are included free of charge, but not always.

    If your certificate does not support being reissued, saving the private key along with the certificate itself will allow you to move the SSL as needed (be sure to also keep a copy of any CA certificates).
    It's a Godaddy basic SSL, good to next July, so I backup keys from the GoDaddy account ssl-area?, can somone who has done this before please post exactly what's needed. Thanks sonnb

  7. #7
    Join Date
    Feb 2006
    Posts
    5,393
    Quote Originally Posted by sonnb View Post
    It's a Godaddy basic SSL, good to next July, so I backup keys from the GoDaddy account ssl-area?, can somone who has done this before please post exactly what's needed. Thanks sonnb
    Your private key would need to be acquired from within cPanel, the certificate and ca can also be found within cPanel (these might be available from the GoDaddy SSL area as well).
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  8. #8
    Join Date
    May 2013
    Location
    India
    Posts
    747
    I haven't seen any provider store Private Key with them. What all you can download is your Cert, CA chain and may be CSR. Private Key, you should find from your server and it is very essential to install the Cert.

  9. #9
    Join Date
    Nov 2013
    Posts
    262
    Quote Originally Posted by DWS2006 View Post
    Your private key would need to be acquired from within cPanel, the certificate and ca can also be found within cPanel (these might be available from the GoDaddy SSL area as well).
    So I backed up the correct key and cnt, please read my first post to confirm
    is that all I needed to do, you'ld guess GoDaddy would have a how too somewhere in their support docs, I searched like crazy to no avail. this is info any webmaster should have access too. another hosting rule should be keep your ssl certs separate like domain names as well if there's no backup info posted.

    by CA do you mean key? and by chain do you mean cnt?, because I only have two things to backup from within cPanel. I see you mention 3 things above.


    sonnb

  10. #10
    Join Date
    Feb 2006
    Posts
    5,393
    You need your Private Key and Primary crt, it sounds like you have these. You may also need a CA Root Certificate (depends on whether or not your SSL is a root level certificate - most certificates require a root certificate). I'm not sure if the CA certificate can be copied/downloaded from cPanel directly (though it will be contained in a full backup file), your SSL provider should be able to give you a copy of this.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  11. #11
    Join Date
    Nov 2013
    Posts
    262
    Quote Originally Posted by DWS2006 View Post
    You need your Private Key and Primary crt, it sounds like you have these. You may also need a CA Root Certificate (depends on whether or not your SSL is a root level certificate - most certificates require a root certificate). I'm not sure if the CA certificate can be copied/downloaded from cPanel directly (though it will be contained in a full backup file), your SSL provider should be able to give you a copy of this.
    Just learned something, our GoDaddy ssl may not even be a root certificate. doesn't say anything about that on their site, but I do not see any CA certificate you mention in cPanel maybe someone reading this down the road might know for sure

    I initially wanted to get a comodo positive ssl, looking back I should have and would have saved a mint. but that not being root was a big negative, or at least I thought.

    you cannot download that SSL stuff from cPanel you just copy and paste the key info in notepad and save.

    PS anyone know the root who owns comodo cert?

  12. #12
    Join Date
    Feb 2006
    Posts
    5,393
    GoDaddy has a long list of chain certificates here: https://certs.godaddy.com/anonymous/repository.pki

    I would recommend contacting Godaddy and requesting a link to the correct CA bundle for your certificate.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  13. #13
    Join Date
    Feb 2006
    Posts
    5,393
    Quote Originally Posted by sonnb View Post
    PS anyone know the root who owns comodo cert?
    Just noticed this question, Comodo is a root level CA. They just choose to use the intermediary chain certificates since this method is currently viewed as being more secure than signing directly by the CA root certificate.

    Some linux distros do not include Comodo as part of their CA package, but Comodo certificates are natively supported in all modern browsers.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  14. #14
    Join Date
    Nov 2013
    Posts
    262
    Quote Originally Posted by DWS2006 View Post
    GoDaddy has a long list of chain certificates here: https://certs.godaddy.com/anonymous/repository.pki

    It appears Godaddy does not own the root, valicart.com is the trusted ca
    when I checked the address padlock.

    can anyone explain the difference between a Godaddy 69.00 basic ssl
    and a 5 buck comodo positive ssl cert? there has to be some big difference
    as to why they have become so popular, yet charging 7x more. even with a
    coupon you looking at no less then 5x more. GeoTrust which is a root ca,
    and that is even 19.00 less. or am I not understanding something here?

    sonnb

  15. #15
    Join Date
    Feb 2006
    Posts
    5,393
    When comparing SSL certificates in the same class (domain, business, or extended validation) pricing is generally more about brand recognition, site seals etc., there's not much real differentiation.

    PostiveSSL, RapidSSL, AlphaSSL, Godaddy Basic SSL, etc. all offer the same key features and browser support. It doesn't really matter if the root is owned by the brand as long as the root certificate is sufficiently trusted.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  16. #16
    Join Date
    Nov 2013
    Posts
    262
    Quote Originally Posted by DWS2006 View Post
    When comparing SSL certificates in the same class (domain, business, or extended validation) pricing is generally more about brand recognition, site seals etc., there's not much real differentiation.

    PostiveSSL, RapidSSL, AlphaSSL, Godaddy Basic SSL, etc. all offer the same key features and browser support. It doesn't really matter if the root is owned by the brand as long as the root certificate is sufficiently trusted.
    That's completely astonishing then, how did GoDaddy
    SSL certs ever get so popular in the first place?.

    example you can get a 8 year domain vallidated SSL
    certificate by GeoTrust with "same Root CA Google
    uses" for the same price as a one year GoDaddy
    domain vallidated SSL. same exact type of certificate.


    Like my wife always says you must be either rich and
    stupid or poor and smart, you cannot be both and make
    it in this world.

  17. #17
    Join Date
    Feb 2006
    Posts
    5,393
    Quote Originally Posted by sonnb View Post
    Like my wife always says you must be either rich and
    stupid or poor and smart, you cannot be both and make
    it in this world.
    I love that quote.

    A lot of users that purchase SSL don't really understand the process much. I'd venture to say a lot of the users utilizing Godaddy SSL certificates have domains or other services with Godaddy. And then there's the users that purchase directly from CAs for 10x the price of buying via the same cert from a reseller.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  18. #18
    Join Date
    Nov 2013
    Posts
    262
    Update...

    Just read a interesting article named Extinction of Unchained SSL Certificates seems chained certs are actually more secure then root ones

    also although GoDaddy certs are 69.00 they include a dedicated IP which saves you 36.00 a year. so the GoDaddy SSL is 33.00 once the smoke clears. meaning overall a 7.95 GeoTrust Rapid SSL plus the dedicated ip fee of 36.00 makes that actually 11 bucks more a year.

    So that's why I guess GoDaddy SSL certs are so popular, and when you compare a Godaddy business validation type SSL Cert vs another the savings become even more.
    regards SonnB
    removed sig, got creeped out

  19. #19
    Join Date
    Feb 2006
    Posts
    5,393
    Quote Originally Posted by sonnb View Post
    Update...

    Just read a interesting article named Extinction of Unchained SSL Certificates seems chained certs are actually more secure then root ones

    also although GoDaddy certs are 69.00 they include a dedicated IP which saves you 36.00 a year. so the GoDaddy SSL is 33.00 once the smoke clears. meaning overall a 7.95 GeoTrust Rapid SSL plus the dedicated ip fee of 36.00 makes that actually 11 bucks more a year.

    So that's why I guess GoDaddy SSL certs are so popular, and when you compare a Godaddy business validation type SSL Cert vs another the savings become even more.

    There would still be some savings ($8 RapidSSL + $36 IP = $44 vs Godaddy with free IP at $69) but convenience is an important thing to consider. I think Godaddy used to include a dynamic site seal, most of your budget certs don't include those.

    If you're already comfortable with GoDaddy, nothing wrong with sticking with it. NameCheap.com is a popular SSL provider if you're considering other options, they offer competitive pricing on certificates at every level. GoGetSSL is another less well-known option.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

Similar Threads

  1. Replies: 0
    Last Post: 06-20-2007, 04:11 PM
  2. Secure Digital SSL Certificate ONLY $29 for a one-year certificate
    By dialsonic in forum Other Offers & Requests
    Replies: 22
    Last Post: 10-19-2004, 05:32 PM
  3. Replies: 10
    Last Post: 09-18-2003, 11:02 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •