How to Apply SSL Certificate

How to Apply SSL Certificate
The document is to show you how to apply a SSL certificate for a website.

1 The general diagram for applying SSL Certificate


2 Generate a CSR for a domain

2.1 Create CSR

Before we generate the CSR for a domain, we need to obtain the following information for the domain.
Common Name:
 Organization: Your company name
 Organizational Unit: Your department
 Locality (City): 

2.1.1 Generate a CSR for the domain name in our CA server

Remote desktop to the CA server, Go to the IIS ‘Server Certificates’ option.

2.1.2 Create Certificate Request

Click ‘Create Certificate Request’ right hand of the panel, open the ‘Request Certificate’ window.

2.1.3 CSR information

Fill in the CSR information which was provided before.

2.1.4 Encrypt length

Click ‘next’, selecting the encrypt length for 2048 bits.

2.1.5 Save certificate request path

Click ‘Next’, specify a file name for the certificate request.

2.1.6 Complete CSR request

Click finish to complete the CSR generate process.

3 Order the SSL from Trustico

We can make an order from Trustico to apply the SSL. Regarding  how to make an order from Trustico. Please refer to “How to Make a SSL Order from Trustico Control Panel.docx”
Here are the steps to make an order
  1. DBM makes the order based on the CSR file, certificate type, and server type etc ;
  2. Trustico will send an approval email to client ([email protected]);
  3. The client will approve the SSL Certificate;
  4. The Trustico will issue the certificate file for installing;

4 Install SSL with cer file

After the certificate was issued, saving the file as a *.cer format file in the CA server.

4.1 Complete the Certificate Request

Complete the Certificate Request by doing the following steps.

4.1.1 Complete Certificate Request window

Remote desktop to the CA server, Go to the IIS ‘Server Certificates’ option.

4.1.2 Complete Certificate Request

Click the ‘Complete Certificate Request’ right panel. Open the ‘Specify Certificate Authority Response’ window.

4.1.3 Specify certificate file

Select the certificate needs to be completed.

4.1.4 Complete

Specify the Certificate file, click ‘OK’ to complete the Cretificate Request.

5 Export SSL as pfx format

After the certificate was completed in the CA server, you can export the certificate as a PFX format file.

5.1 Specify Certificate installed file

Select the certificate which has been completed in the CA server.

5.2 Export SSL

Click the ‘Export’ right hand of the panel opening the export certificate window. Specify a path to save the PFX file. Type a password to export the PFX file.

5.3 Complete Export process

Click ‘OK’ to complete the export for the certificate.

6 Import SSL from the pfx file

The certificate can be import to any type of plan like Shared plan, VPS plan, and dedicated server. Whatever it is, there must be a dedicated IP need to be provided with the certificated installation. The procedure of the certificate import will be showed in a shared server for an example.

6.1 Open import window

Connect with Remote Desktop Connection to the shared server which is hosting the website to be installed with the certificate. Copy the PFX file into the shared server. Go to the IIS ‘Server Certificates’ option.

6.2 Import with password

Click ‘import’ right hand of the panel, opening the import certificate window.
Specify the certificate file as the file which was exported from the CA server before. The password is the one which was typed when the certificated was exported. Click ‘OK’ to complete the certificate import process.

7 Add the SSL binding to a Website

After the certificate was imported to the target server, you will need to add a binding to the website which apply the certificate.

7.1 Open site binding window

Pitch on the website, clicking ‘bindings’ right hand of the panel, opening the ‘site bindings’ window.

7.2 Add SSL binding

  • Click ‘Add’, add  the binding as following:
  • Type: https.
  • IP address: the dedicated IP assigned to the site.
  • Port: 443.
  • SSL Certificate: the one was imported before.

8 Test it out

Open the browser address bar, typing the https:// prefix of the web site, make sure the DNS record for the domain is correct.  If there is a green bar, it proves that it was installed properly.

9 Done

Add Feedback