1. Knowledge Base
  2. >
  3. How To Configure SSL To Work With SiteLock CDN

How To Configure SSL To Work With SiteLock CDN

 

One of the common issues with an SSL is when it conflicts with SiteLock's firewall. There are 2 steps in configuring a site's SSL onto the SiteLock's CDN.


SiteLock performs a file-based (or inside-out) website scan that will alert you when any file on your website is infected with malware. This comprehensive service scans your website files, surgically removing malicious and suspicious content from legitimate files.

Step 1: Get the .crt and .rsa keys for your SSL certificate

If you need to read more information on generating a CSR (Certificate Signing Request), please read the article below:

Option 1: via the cPanel's SSL/TLS section

This method involves getting the .crt and .rsa keys from the SSL/TLS section of your cPanel.

  1. Log in to cPanel.
  2. Look for the Security section, then click SSL/TLS.

    HostGator cPanel SSL/ TLS

  3. In the Certificates (CRT), click on Generate, view, upload, or delete SSL certificates.

    Certificates section

  4. Locate the domain and the latest SSL listed (based on the Expiration) for the domain and copy down the Description (ex. Cert for hgexample 1632123900.0) in your notepad.

    Certificate Description

  5. Click Edit and scroll down until you see Encoded Certificate. Copy this entire section (----BEGIN CERTIFICATE---- to ----END CERTIFICATE---- is included) and open up a notepad. Paste the certificate into the notepad. 
  6. If you are installing a Let's Encrypt SSL, directly below the ----END CERTIFICATE---- line, you will paste the following intermediate chain:
    -----BEGIN CERTIFICATE-----
    MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
    TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
    cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
    WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
    RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
    AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
    R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
    sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
    NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
    Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
    /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
    AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
    Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
    FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
    AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
    Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
    gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
    PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
    ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
    CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
    lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
    avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
    yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
    yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
    hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
    HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
    MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
    nLRbwHOoq7hHwg==
    -----END CERTIFICATE-----
    
  7. Save the file as crt.txt.
  8. Go back to the SSL/TLS in the cPanel and navigate the Private Keys (Key) section. 

    Private  Keys section

  9. Find the Key that matches the description of the Cert that you've copied earlier, and click Edit next to the Key. Copy the Encoded Private Key (Including the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----), paste it into a new notepad, save and name rsa.txt.
  10. After saving both files, log into the SiteLock dashboard and follow the instructions in Step 2 below. The article also outlines these instructions, Configuring an SSL in SiteLock with an Existing Firewall.
     

Option 2: via the cPanel's file manager

For this method, you need to navigate your cPanel's File Manager. Please reach out to your web developer if you're uncomfortable doing so.

  1. Log in to the Customer Portal.
  2. From the dashboard, locate the hosting package where the SSL should be installed.
  3. Click File Manager from the Control Panel list of options.

    Customer Portal - File Manager

  4. On the left-hand menu of the File Manager, select the ssl directory.

    cPanel

  5. Click on the certs folder.

    File Manager- certs folder

  6. The folder will display a list of certificates and cache files. Search for the most recent certificate file (.crt).
    Note: Ensure to look for the file with the .crt filename and NOT the .crt.cache file.
  7. Double-click the most recent certificate file (.crt) to save it. Please take note of the file's Last-Modified date.

    Last Modified Date

  8. Since it is an executable file, you will get a notification asking you to keep or discard it. Select Keep. Please keep only the executable files that will not harm your computer. Note where this file is being saved on your computer.

  9. Once the certificate is saved on your computer, click Up One Level to return to the previous folder.

  10. Click the keys folder.

    File Manager - keys folder

  11. Select the key file with the same date as the .crt file earlier from the list of files. Double-click to save the file. Note where the file is being saved on your computer.

    File Manager - keys File

  12. Exit the file manager.

Step 2 - Install the .crt and .rsa keys into SiteLock's dashboard

  1. Go back to the Customer Portal's Dashboard.
  2. Under the hosting package, you selected earlier, click SiteLock Security from the Manage list of options.

    Customer Portal - SItelock Security

  3. Locate your domain name and click on the shield icon under Settings.

    SiteLock Settings

  4. In the SiteLock dashboard, click Settings from the left-hand menu.

    Dashboard Settings

  5. Under the Settings panel, select Trueshield Settings.

    Trueshield Settings

  6. In the Trueshield Settings, scroll down and look for the SSL Configuration Status section.

    SSL Configuration Status

  7. If an SSL is already installed, it will show two buttons - Remove SSL Certificate and Replace Certificate. If there is no SSL, it will display the Upload Certificate button. Choose Replace Certificate if the SSL is already out of date or Upload Certificate if no SSL is installed.
  8. You will then be redirected to another page to be asked to upload a certificate file. Upload the .crt file. This is the first file you saved above.

    Certificate File

    Note: If the Choose File button did not work, drag and drop your .crt file from your computer to the Certificate box.
  9. Once uploaded, the Private Key and Passphrase fields will appear. Drag and drop the .key file to the second box. This is the second file that you saved above. Leave the Passphrase field empty.

    Private Key

  10. Hit Submit.
  11. A confirmation prompt will appear, notifying you of the successful upload.

    Confirmation Prompt

  12. After this is completed, remove the files saved on your computer (crt.txt and rsa.txt).

Refresh your browser. The site should now route SSL traffic through the SiteLock firewall/CDN.