Adding an SSL Certificate to your Domain Name
Adding an SSL certificate involves the following steps:
- (1) Request a dedicated IP address and CSR (Certificate Signing Request)
- (2) Purchase the certificate from a Certificate Authority (eg: Thawte, Verisign, GeoTrust), using the CSR we send you
- (3) Send us the Live certificate, or a link to download it
- (4) We will install your certificate and enable SSL on your domain
These steps are detailed below.
(1) Request a dedicated IP address and CSR (Certificate Signing Request)
The first step is to generate a CSR (Certificate Signing Request). This is a text file containing information that you need to send to the Certificate Authority.
Here are the details we need to generate the CSR (Certificate Signing Request) for your SSL Certificate.
You must send these details to Metawerx Support in order for us to generate your CSR.
- Domain Name: (the exact domain name for which the SSL certificate will respond, eg: www.yourdomain.com)
- Organisation Name: (your full company name)
- Organisation Unit: (this should be something like Secure Services, Accounts Department or can sometimes just be left blank - but not with Thawte)
- Location: (city or suburb to appear on certificate)
- State: (2 or 3 letter state code, eg: VI, VIC, NSW)
- Country: (2 letter country code, eg: AU, US, JP)
Once we have these details, we will generate a CSR for your SSL certificate and send it to you by email.
You will also need a dedicated IP address for your SSL certificate due to the way SSL works. A dedicated VM already has a dedicated IP address, so this step is not necessary on dedicated VM plans unless this is your 2nd certificate or higher.
(2) Purchase the certificate from a Certificate Authority, using the CSR
When you receive the CSR, you can proceed to a Certificate Authority of your choice to purchase the SSL certificate.
Popular Certificate Authorities are:
(3) Send us the Live certificate, or a link to download it
After the Certificate Authority has authorized your request and accepted payment, they will send you a link to download your SSL certificate.
Certificates come in various formats. You will need to ensure you download a certificate that is compatible with "Tomcat" or "Java KeyTool".
After downloading the certificate (which is another text file, that looks a lot like the CSR), send it to Metawerx Support for installation.
(4) We will install your certificate and enable SSL on your domain
We will then connect the certificate to your account.
Forcing sections of your site into https mode is very easy, see the <security-constraint> tag for web.xml for more information, or the article Forcing SSL for sections of your website.
(5) How to test whether your certificate has been installed / see expiry date
- Go to https://yourdomain
- Go to File->Properties
- Click the Certificates button
- Check the Valid from date, eg: Valid from 5/02/2007 to 6/02/2008
