How To Configure SSL To Work With SiteLock CDN
One of the common issues with an SSL is when it conflicts with SiteLock's firewall. There are 2 steps in configuring a site's SSL onto the SiteLock's CDN.
- Step 1: Get the .crt and .rsa keys for your SSL certificate ⤵
- Step 2: Install the .crt and .rsa keys into your SiteLock's dashboard ⤵
SiteLock performs a file-based (or inside-out) website scan that will alert you when any file on your website is infected with malware. This comprehensive service scans your website files, surgically removing malicious and suspicious content from legitimate files.
Step 1: Get the .crt and .rsa keys for your SSL certificate
If you need to read more information on generating a CSR (Certificate Signing Request), please read the article below:
Option 1: via the cPanel's SSL/TLS section
This method involves getting the .crt and .rsa keys from the SSL/TLS section of your cPanel.
- Log in to cPanel.
- Look for the Security section, then click SSL/TLS.
- In the Certificates (CRT), click on Generate, view, upload, or delete SSL certificates.
- Locate the domain and the latest SSL listed (based on the Expiration) for the domain and copy down the Description (ex. Cert for hgexample 1632123900.0) in your notepad.
- Click Edit and scroll down until you see Encoded Certificate. Copy this entire section (----BEGIN CERTIFICATE---- to ----END CERTIFICATE---- is included) and open up a notepad. Paste the certificate into the notepad.
- If you are installing a Let's Encrypt SSL, directly below the ----END CERTIFICATE---- line, you will paste the following intermediate chain:
-----BEGIN CERTIFICATE----- MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX nLRbwHOoq7hHwg== -----END CERTIFICATE-----
- Save the file as crt.txt.
- Go back to the SSL/TLS in the cPanel and navigate the Private Keys (Key) section.
- Find the Key that matches the description of the Cert that you've copied earlier, and click Edit next to the Key. Copy the Encoded Private Key (Including the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----), paste it into a new notepad, save and name rsa.txt.
- After saving both files, log into the SiteLock dashboard and follow the instructions in Step 2 below. The article also outlines these instructions, Configuring an SSL in SiteLock with an Existing Firewall.
Option 2: via the cPanel's file manager
For this method, you need to navigate your cPanel's File Manager. Please reach out to your web developer if you're uncomfortable doing so.
- Log in to the Customer Portal.
- From the dashboard, locate the hosting package where the SSL should be installed.
- Click File Manager from the Control Panel list of options.
- On the left-hand menu of the File Manager, select the ssl directory.
- Click on the certs folder.
- The folder will display a list of certificates and cache files. Search for the most recent certificate file (.crt).
Note: Ensure to look for the file with the .crt filename and NOT the .crt.cache file.
- Double-click the most recent certificate file (.crt) to save it. Please take note of the file's Last-Modified date.
- Since it is an executable file, you will get a notification asking you to keep or discard it. Select Keep. Please keep only the executable files that will not harm your computer. Note where this file is being saved on your computer.
- Once the certificate is saved on your computer, click Up One Level to return to the previous folder.
- Click the keys folder.
- Select the key file with the same date as the .crt file earlier from the list of files. Double-click to save the file. Note where the file is being saved on your computer.
- Exit the file manager.
Step 2 - Install the .crt and .rsa keys into SiteLock's dashboard
- Go back to the Customer Portal's Dashboard.
- Under the hosting package, you selected earlier, click SiteLock Security from the Manage list of options.
- Locate your domain name and click on the shield icon under Settings.
- In the SiteLock dashboard, click Settings from the left-hand menu.
- Under the Settings panel, select Trueshield Settings.
- In the Trueshield Settings, scroll down and look for the SSL Configuration Status section.
- If an SSL is already installed, it will show two buttons - Remove SSL Certificate and Replace Certificate. If there is no SSL, it will display the Upload Certificate button. Choose Replace Certificate if the SSL is already out of date or Upload Certificate if no SSL is installed.
- You will then be redirected to another page to be asked to upload a certificate file. Upload the .crt file. This is the first file you saved above.
Note: If the Choose File button did not work, drag and drop your .crt file from your computer to the Certificate box.
- Once uploaded, the Private Key and Passphrase fields will appear. Drag and drop the .key file to the second box. This is the second file that you saved above. Leave the Passphrase field empty.
- Hit Submit.
- A confirmation prompt will appear, notifying you of the successful upload.
- After this is completed, remove the files saved on your computer (crt.txt and rsa.txt).
Refresh your browser. The site should now route SSL traffic through the SiteLock firewall/CDN.