1. Knowledge Base
  2. >
  3. How To Configure SSL To Work With SiteLock CDN

How To Configure SSL To Work With SiteLock CDN

 

One of the common issues with an SSL is when it conflicts with SiteLock’s firewall. To install a site’s SSL onto the SiteLock’s firewall, please follow these steps.

Step 1 - Locate the Certificate (.crt) and Private Key (keys) files from the File Manager

  1. Log into the Customer Portal.
  2. From the Dashboard, locate the hosting package where the SSL should be installed.
  3. Click File Manager from the Control Panel list of options.

    Customer Portal - File Manager

  4. On the left-hand menu of the File Manager, select the ssl directory.

    cPanel

  5. Click on the certs folder.

    File Manager- certs folder

  6. The folder will display a list of certificates and cache files. Search for the most recent certificate file (.crt).
    Note: Please make sure to look for the file with the .crt filename and NOT the .crt.cache file.
  7. Double-click the most recent certificate file (.crt) to save it. Please take note of the file’s Last-Modified date.

    Last Modified Date

  8. Since it is an executable file, you will get a notification asking you to keep or discard it. Select Keep. Please make sure to keep only the executable files that will not harm your computer. Note where this file is being saved on your computer.


     

  9. Once the certificate is saved on your computer, click Up One Level to go back to the previous folder.

  10. Click the keys folder.

    File Manager - keys folder

  11. From the list of files, select the key file with the same date as the .crt file installed earlier. Double-click to save the file. Note where the file is being saved on your computer.

    File Manager - keys File

  12. Exit the File Manager.

Step 2 - Install the Certificate in SiteLock Dashboard

  1. Go back to the Customer Portal’s Dashboard.
  2. Under the hosting package you selected earlier, click SiteLock Security from the Manage list of options.

    Customer Portal - SItelock Security

  3. Locate your domain name and click the Settings icon.

    SiteLock Settings

  4. In the SiteLock Dashboard, click Settings from the left-hand menu.

    Dashboard Settings

  5. Under the Security Settings panel, select Trueshield Settings.

    Trueshield Settings

  6. In the Trueshield Settings, scroll a little bit down and look for the SSL Configuration Status section.

    SSL Configuration Status

  7. If an SSL is already installed, it will show two buttons - Remove SSL Certificate and Replace Certificate. If there is no SSL, it will display the Upload Certificate button. Choose Replace Certificate if the SSL is already out of date or Upload Certificate if no SSL is installed.
  8. You will then be redirected to another page where you’ll be asked to upload a certificate file. Upload the .crt file. This is the first file you saved above.

    Certificate File

    Note: If the Choose File button did not work, drag and drop your .crt file from your computer to the Certificate box.
  9. Once uploaded, the Private Key and Passphrase fields will appear. Drag and drop the .key file to the second box. This is the second file that you saved above. Leave the Passphrase field empty.

    Private Key

  10. Hit Submit.
  11. A confirmation prompt will appear, notifying you of the successful upload.

    Confirmation Prompt

    The site should now be able to route SSL traffic through the SiteLock firewall.
Workaround:
If the instructions above do not work and your site is still not redirecting to HTTPS, please click the expand below to view the workaround steps.
How to Use the Intermediate Chain
  1. Log in to cPanel and navigate to the SSL/TLS section.

    HostGator cPanel SSL/ TLS

  2. Click on Certificates.

    Certificates section

  3. Locate the domain and the latest SSL listed (based on the "expiration") for the affected domain and copy down the "Description" (ex. Cert for “domain.com” 123456789.0).

    Certificate Description

  4. Click Edit for the cert and scroll down until you see "Encoded Certificate" copy this entire section (----BEGIN CERTIFICATE---- to ----END CERTIFICATE---- is included) and open up a notepad. Paste the certificate into the notepad. 
  5. If  you are installing a Let's Encrypt SSL, directly below the ----END CERTIFICATE---- line, you will paste the following intermediate chain:  
    ----BEGIN CERTIFICATE----   
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw   
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh   
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw   
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg   
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK   
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP   
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx   
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm   
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg   
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG   
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC   
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB   
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA   
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw   
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw    
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB   
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W   
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl   
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz   
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm   
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4   
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2   
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O   
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids   
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+   
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv   
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX   
nLRbwHOoq7hHwg==   
----END CERTIFICATE----
  6. Save the file as crt.txt.
  7. Go back to the SSL/TLS in the cPanel section and navigate to the "Private Keys" section. 

    Private Keys section

  8. Find the Key that matches the description of the cert that you've copied, and click "edit" next to the Key. Copy the "Encoded Private Key" (Including the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----) paste into a new notepad, save and name "rsa.txt."
  9. After you have saved both files, log into the SiteLock dashboard and follow the instructions outlined here: Configuring an SSL in SiteLock with an Existing Firewall.