Results 1 to 19 of 19
Thread: Backup our SSL certificate
-
07-31-2014, 11:25 PM #1Web Hosting Guru
- Join Date
- Nov 2013
- Posts
- 262
Backup our SSL certificate
Hi,
I'm trying to backup our ssl cert from GoDaddy
and keep that SSL with us. in case we need to
move elsewhere.
do I backup from cPanel's SSL/TLS Manager
or from the GoDaddy SSL Certificates area?
it's a little confusing, in cPanel's SSL/TLS Manager
under Private Keys (KEY), I see 3 key entry's
domain.com
domain.com 1
domain.com created 7/10/14 7:06 AM UTC
oddly enough the first entry "domain.com" is what cPanel
says is the key being used.
"This private key is in use by the following resources:"
have no idea why the third entry comes off as being the
correct key at first glance, or even why there is 3 keys
to begin with.
under Certificates (CRT)
I just have one entry looking like this
domain.comwww.domain.com
so far I backed up the key, cPanel says is in use
and the one under Certificates (CRT)
is that all I need to do in case I need to move and
install it again?.
Thanks
sonnb
-
08-01-2014, 04:56 AM #2Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 2,631
There's no need to backup your SSL cert. You can always regenerate another one for free. If you move to a different server, your current SSL cert is unusable anyway and you would need to regenerate one.
YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
Reliable web site hosting is our motto. We have Alertra stats to back that up.
Proven provider of high quality shared and reseller accounts since 2002.
-
08-01-2014, 12:01 PM #3Web Hosting Guru
- Join Date
- Nov 2013
- Posts
- 262
-
08-01-2014, 12:13 PM #4Web Hosting Master
- Join Date
- Feb 2006
- Posts
- 5,393
The first thing to check is whether or not your certificate supports reissues and at what cost (if any). Most of the time reissues are included free of charge, but not always.
If your certificate does not support being reissued, saving the private key along with the certificate itself will allow you to move the SSL as needed (be sure to also keep a copy of any CA certificates).WHMEasyBackup.com - Take Control Of Your Backups!
Complete Backup Solution For WHM Reseller Accounts
-
08-01-2014, 12:13 PM #5Temporarily Suspended
- Join Date
- May 2013
- Location
- India
- Posts
- 747
I am afraid, there was a slight confusion. You can use same SSL certificate if you move to a new server ( same web server arch ). Only thing is, you need to have the CRT, CA Cert and Private Key info of the current SSL certificate. Of course, you can re-issue the certificate any time ( based on your provider and type of certificate ) if you would like.
-
08-01-2014, 12:20 PM #6Web Hosting Guru
- Join Date
- Nov 2013
- Posts
- 262
-
08-01-2014, 12:42 PM #7Web Hosting Master
- Join Date
- Feb 2006
- Posts
- 5,393
WHMEasyBackup.com - Take Control Of Your Backups!
Complete Backup Solution For WHM Reseller Accounts
-
08-01-2014, 12:45 PM #8Temporarily Suspended
- Join Date
- May 2013
- Location
- India
- Posts
- 747
I haven't seen any provider store Private Key with them. What all you can download is your Cert, CA chain and may be CSR. Private Key, you should find from your server and it is very essential to install the Cert.
-
08-01-2014, 01:29 PM #9Web Hosting Guru
- Join Date
- Nov 2013
- Posts
- 262
So I backed up the correct key and cnt, please read my first post to confirm
is that all I needed to do, you'ld guess GoDaddy would have a how too somewhere in their support docs, I searched like crazy to no avail. this is info any webmaster should have access too. another hosting rule should be keep your ssl certs separate like domain names as well if there's no backup info posted.
by CA do you mean key? and by chain do you mean cnt?, because I only have two things to backup from within cPanel. I see you mention 3 things above.
sonnb
-
08-01-2014, 01:59 PM #10Web Hosting Master
- Join Date
- Feb 2006
- Posts
- 5,393
You need your Private Key and Primary crt, it sounds like you have these. You may also need a CA Root Certificate (depends on whether or not your SSL is a root level certificate - most certificates require a root certificate). I'm not sure if the CA certificate can be copied/downloaded from cPanel directly (though it will be contained in a full backup file), your SSL provider should be able to give you a copy of this.
WHMEasyBackup.com - Take Control Of Your Backups!
Complete Backup Solution For WHM Reseller Accounts
-
08-01-2014, 04:24 PM #11Web Hosting Guru
- Join Date
- Nov 2013
- Posts
- 262
Just learned something, our GoDaddy ssl may not even be a root certificate. doesn't say anything about that on their site, but I do not see any CA certificate you mention in cPanel maybe someone reading this down the road might know for sure
I initially wanted to get a comodo positive ssl, looking back I should have and would have saved a mint. but that not being root was a big negative, or at least I thought.
you cannot download that SSL stuff from cPanel you just copy and paste the key info in notepad and save.
PS anyone know the root who owns comodo cert?
-
08-01-2014, 04:39 PM #12Web Hosting Master
- Join Date
- Feb 2006
- Posts
- 5,393
GoDaddy has a long list of chain certificates here: https://certs.godaddy.com/anonymous/repository.pki
I would recommend contacting Godaddy and requesting a link to the correct CA bundle for your certificate.WHMEasyBackup.com - Take Control Of Your Backups!
Complete Backup Solution For WHM Reseller Accounts
-
08-02-2014, 01:32 PM #13Web Hosting Master
- Join Date
- Feb 2006
- Posts
- 5,393
Just noticed this question, Comodo is a root level CA. They just choose to use the intermediary chain certificates since this method is currently viewed as being more secure than signing directly by the CA root certificate.
Some linux distros do not include Comodo as part of their CA package, but Comodo certificates are natively supported in all modern browsers.WHMEasyBackup.com - Take Control Of Your Backups!
Complete Backup Solution For WHM Reseller Accounts
-
08-02-2014, 02:19 PM #14Web Hosting Guru
- Join Date
- Nov 2013
- Posts
- 262
It appears Godaddy does not own the root, valicart.com is the trusted ca
when I checked the address padlock.
can anyone explain the difference between a Godaddy 69.00 basic ssl
and a 5 buck comodo positive ssl cert? there has to be some big difference
as to why they have become so popular, yet charging 7x more. even with a
coupon you looking at no less then 5x more. GeoTrust which is a root ca,
and that is even 19.00 less. or am I not understanding something here?
sonnb
-
08-02-2014, 02:50 PM #15Web Hosting Master
- Join Date
- Feb 2006
- Posts
- 5,393
When comparing SSL certificates in the same class (domain, business, or extended validation) pricing is generally more about brand recognition, site seals etc., there's not much real differentiation.
PostiveSSL, RapidSSL, AlphaSSL, Godaddy Basic SSL, etc. all offer the same key features and browser support. It doesn't really matter if the root is owned by the brand as long as the root certificate is sufficiently trusted.WHMEasyBackup.com - Take Control Of Your Backups!
Complete Backup Solution For WHM Reseller Accounts
-
08-02-2014, 03:17 PM #16Web Hosting Guru
- Join Date
- Nov 2013
- Posts
- 262
That's completely astonishing then, how did GoDaddy
SSL certs ever get so popular in the first place?.
example you can get a 8 year domain vallidated SSL
certificate by GeoTrust with "same Root CA Google
uses" for the same price as a one year GoDaddy
domain vallidated SSL. same exact type of certificate.
Like my wife always says you must be either rich and
stupid or poor and smart, you cannot be both and make
it in this world.
-
08-02-2014, 03:27 PM #17Web Hosting Master
- Join Date
- Feb 2006
- Posts
- 5,393
I love that quote.
A lot of users that purchase SSL don't really understand the process much. I'd venture to say a lot of the users utilizing Godaddy SSL certificates have domains or other services with Godaddy. And then there's the users that purchase directly from CAs for 10x the price of buying via the same cert from a reseller.WHMEasyBackup.com - Take Control Of Your Backups!
Complete Backup Solution For WHM Reseller Accounts
-
08-02-2014, 08:04 PM #18Web Hosting Guru
- Join Date
- Nov 2013
- Posts
- 262
Update...
Just read a interesting article named Extinction of Unchained SSL Certificates seems chained certs are actually more secure then root ones
also although GoDaddy certs are 69.00 they include a dedicated IP which saves you 36.00 a year. so the GoDaddy SSL is 33.00 once the smoke clears. meaning overall a 7.95 GeoTrust Rapid SSL plus the dedicated ip fee of 36.00 makes that actually 11 bucks more a year.
So that's why I guess GoDaddy SSL certs are so popular, and when you compare a Godaddy business validation type SSL Cert vs another the savings become even more.regards SonnB
removed sig, got creeped out
-
08-02-2014, 08:22 PM #19Web Hosting Master
- Join Date
- Feb 2006
- Posts
- 5,393
There would still be some savings ($8 RapidSSL + $36 IP = $44 vs Godaddy with free IP at $69) but convenience is an important thing to consider. I think Godaddy used to include a dynamic site seal, most of your budget certs don't include those.
If you're already comfortable with GoDaddy, nothing wrong with sticking with it. NameCheap.com is a popular SSL provider if you're considering other options, they offer competitive pricing on certificates at every level. GoGetSSL is another less well-known option.WHMEasyBackup.com - Take Control Of Your Backups!
Complete Backup Solution For WHM Reseller Accounts
Similar Threads
-
FREE Setup, FREE SSL Certificate, FREE Backup and FREE Control Panel at The Planet!
By BrookeM in forum Dedicated Hosting OffersReplies: 0Last Post: 06-20-2007, 04:11 PM -
Secure Digital SSL Certificate ONLY $29 for a one-year certificate
By dialsonic in forum Other Offers & RequestsReplies: 22Last Post: 10-19-2004, 05:32 PM -
SSL certificate provider thawte using invalid certificate on their site
By Coach in forum Web Hosting LoungeReplies: 10Last Post: 09-18-2003, 11:02 PM