| View previous topic :: View next topic |
| Author |
Message |
Bibo
-
Joined: 08 Nov 2003
Posts: 28
Location: Melbourne, Australia
|
 Posted: Fri Apr 17, 2015 9:37 am Post subject: Comodo SSL certificate |
 |
|
Comodo sent me 4 files:
1- Root CA Certificate - AddTrustExternalCARoot.crt
2- Intermediate CA Certificate - COMODORSAAddTrustCA.crt
3- Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
4- Your PositiveSSL Certificate - mysite_com_au.crt
and I don't know which goes where in the Abyss "Certificates - Add" page
1- Main Certificate
2- Intermediate Certificate
3- CA Root Certificate
I think Comodo has 30% of the SSL market so I am a bit surprised the terminology seems (to me) to be so different |
|
| Back to top |
  |
 |
DanielC
-
Joined: 19 Jan 2008
Posts: 9
Location: France
|
| Posted: Sat Apr 18, 2015 5:28 pm Post subject: |
|
|
Simply add both intermediate cerificates in the same place, paste one after the other.
Main Certificate > mysite_com_au.crt
Intermediate Certificate > COMODORSAAddTrustCA.crt + COMODORSADomainValidationSecureServerCA.crt
CA Root Certificate > AddTrustExternalCARoot.crt
I'm using a Comodo EssentialSSL with a 4096 bit private key on my server.
You could also try the follow settings :
General > Advanced Parameters > SSL/TLS Parameters
SSL/TLS Profile : Custom
Ciphers : Strong
SSL 3.0 : No
TLS 1.0 : Yes
TLS 1.1 : Yes
TLS 1.2 : Yes
General > Advanced Parameters > Custom HTTP Headers
Virtual Path : /
HTTP Header Name : Strict-Transport-Security
HTTP Header Value : max-age=31536000; includeSubDomains
To understand the Strict-Transport-Security header :
http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
You can test your SSL here :
https://www.ssllabs.com/ssltest/
Using the settings above I get an A+ rating :
Also, don't forget that you can only use one SSL certificat per IP address.
_________________
~ Dan
www.danielclayton.com |
|
| Back to top |
  |
|
Bibo
-
Joined: 08 Nov 2003
Posts: 28
Location: Melbourne, Australia
|
| Posted: Mon Apr 20, 2015 3:56 am Post subject: |
|
|
| Thank you Dan. Much appreciated. :-) |
|
| Back to top |
|
|
JMMotyer
-
Joined: 06 Jul 2005
Posts: 78
Location: Burlington (Toronto-ish), Ontario, Canada
|
| Posted: Wed Feb 05, 2020 9:03 pm Post subject: IP limitation of SSL certificates? |
|
|
| DanielC wrote: | | Also, don't forget that you can only use one SSL certificat per IP address. |
Hi Dan,
I realize that your post is almost 5 years old, but am I to understand that if I am using Abyss X2 with 3 domains configured & running, all using the same WAN IP as I am a home user, that I can have an SSL certificate for only 1 of the domains?
Thanks in advance, and have a great day.
Regards,
John |
|
| Back to top |
|
|
admin
Site Admin
Joined: 03 Mar 2002
Posts: 1348
|
| Posted: Mon Feb 10, 2020 5:24 pm Post subject: Re: IP limitation of SSL certificates? |
|
|
JMMotyer,
No, this restriction is no more there thanks to the SNI support that is included in Abyss Web Server and in almost all modern-day browsers.
With it you get virtual hosting for HTTPS sites too. This has been there since 2016 https://aprelium.com/news/abws2-11.html .
_________________
Follow @abyssws on Twitter
Subscribe to our newsletter
_________________
Forum Administrator
Aprelium - https://aprelium.com |
|
| Back to top |
|
|
|
