How to Use a Custom SSL Certificate on VergeCloud for Enhanced Website Security

Using a Custom SSL Certificate on VergeCloud: Secure Your Website with Confidence

Custom SSL Certificate

You can continue utilizing your custom SSL certificate by navigating to the VergeCloud HTTPS Settings.

Introduction

Custom SSL certificates are essential for securing data transmitted over the internet. With VergeCloud, users can easily upload their custom certificates to ensure encrypted communications and enhance security protocols for their domains.

Glossary

  • SSL (Secure Sockets Layer): A standard technology that creates an encrypted link between a server and a client.
  • PEM (Privacy-enhanced Electronic Mail): A file format commonly used for storing keys and certificates in base64 encoded format.
  • Certificate Trust Chain: A sequence of certificates that establish a path of trust from a root certificate to an end-entity certificate.
  • Intermediate Certificate: Certificates that form a link between the root certificate and the server certificate.

Real Usage Scenarios

Imagine a scenario where a business requires secure communication between its website and clients. By utilizing a custom SSL certificate through VergeCloud, the business can ensure that sensitive customer data is protected during transmission, building trust and compliance with industry standards.

Field/Option Descriptions

The process of managing SSL certificates involves several fields and options in the VergeCloud dashboard, including:

  • Custom Certificate: This option allows you to upload your own SSL certificate file.
  • Private Key: The corresponding private key for your SSL certificate, which is crucial for establishing secure connections.
  • Certificate Bundle: An optional collection of your SSL certificate and any intermediate certificates.

How to Add/Edit/Use the Feature

  1. Activate HTTPS for Your Account

    Navigate to the VergeCloud dashboard and activate the HTTPS feature for your account.

    Activate HTTPS
  2. Select Custom Certificate

    Click on the 'Custom Certificate' option in the HTTPS settings.

    Select Custom Certificate
  3. Upload Your Certificate and Key

    Upload your .crt file and the corresponding private key file. If required, upload the certificate bundle.

    Upload Certificate and Key

API Example


curl -X POST "https://api.vergecloud.com/ssl/upload" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{
    "certificate": "-----BEGIN CERTIFICATE-----\nMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0GA1UEChMGR251VExTMSU\n...",
    "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCuaGs3MHEOUMvOv7QLx1cAgx7BDMHE0e\n...",
    "bundle": "-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"
}'

Testing and Validation

To verify the SSL certificate installation, you can use tools like curl or browser-based checks:

  1. Using Curl

    Run the following command to check if your SSL certificate is correctly installed:

    curl -Iv https://yourdomain.com
    Curl Command
  2. Using Browser

    Open your website in a browser and check for the padlock icon in the address bar, indicating a secure connection.

    Browser Check

Converting Other Formats to PEM

Certificates may come in various formats. Here's how to convert them to PEM using OpenSSL:


# Convert DER to PEM
openssl x509 -inform der -in certificate.cer -out certificate.pem

# Convert P7B to PEM
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem

# Convert PFX to PEM
openssl pkcs12 -in certname.pfx -nokeys -out certificate.pem
openssl pkcs12 -in certname.pfx -nocerts -out private.key -nodes

Creating Certificate Trust Chain

To ensure your SSL/TLS certificate works effectively across different platforms, you need to create a Certificate Trust Chain. This involves compiling your SSL certificate, Root Certificate, and Intermediate Certificates into a single file in the following order:


-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: yourwebsite.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: INTERMEDIATE.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: Root.crt)
-----END CERTIFICATE-----

If you need further assistance, consult the guide on obtaining your Chain Certificate through your browser.