How can I add a SSL certificate to my website? : eDirectory

SSL on eDirectory hosting

An SSL Certificate helps provide an encrypted connection between your browser and the server, and is generally used for eCommerce transactions to indicate that the site is secure. The standard eDirectory installation doesn't include the SSL certificate and it is not mandatory to have an SSL certificate. However some specific features like visitor detection require an SSL certificate to work due to the security policies of web browsers. Also some payment gateways may also require SSL certificate.

There are two ways to add SSL certificate to your website.

1. Purchase our SSL Integration Mod. If you choose this option, we will take care of the entire process for adding the SSL certificate and auto-renew every year. This integration costs $194.00 one time payment + $97.00 yearly recurring to cover the auto-renewal. With this option, you will have more peace of mind as you won't have to worry about renewing SSL certificate every time it expires and focus on more important stuff like generating revenue for your website.

2. Get your own SSL certificate and send it to us for installation. You can get your SSL certificate from a third party provider and send it to use with an email attachment for installation. There will also be a service fee of $49.00 for each installation. This option is cheaper but you will have more work to do as you will have to get your own certificate and send it to us by email. You will also have to repeat this process every time it expires.

Here is the process for setting up your SSL certificate through a third party provider.

1. Contact eDirectory support by email and request a Certificate Signing Request (CSR). You need to send some information to generate the CSR file (see more information about the CSR below);

2. eDirectory support will generate the CSR file, and send it back to you;

3. Send the CSR file to your SSL certificate provider (RapidSSL.com, Versign.com, Geotrust.com or Godaddy.com, etc.) and purchase your SSL certificate;

4. Once the SSL certificate is ready, send the file back to our support team for installation;

5. Our support team will install your SSL Certificate after the payment confirmation.

What is an SSL Certificate?

SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a webserver, it enables the https protocol (over port 443) and allows secure connections from a webserver to a browser. Typically SSL is used to secure credit card transactions, data transfer, logins and more recently is becoming the norm while securing browsing of social network/media sites. An SSL Certificate binds together:

Your domain name, server name or hostname
Your organizational identity (i.e. company name) and location

An organization needs to install the SSL Certificate onto its web server to initiate secure sessions with browsers.

What is a CSR?

A CSR or Certificate Signing request is a block of encrypted text that is generated on the server that the certificate will be used on. It contains information that will be included in your certificate such as your organization name, common name (domain name), locality, and country.

Information required to generate the CSR:

E-mail:

Host to make cert for:

City:

State:

Country (2 letter abbreviation):

Company Name:

Company Division:

Key Size (1024 or 2048):

If the SSL provider asks about the server type where the certificate will be installed, please choose 'CPanel' or 'Apache'.

SSL on self-hosted websites
(exclusive for Source License owners)

If you are self-hosting your eDirectory on your own server, please contact your hosting company for further information. Each server has a different way for the SSL installation and the system administrators of your hosting provider will be the most appropriate people to assist you. We are unable to provide support for websites hosted outside our servers.

My hosting provider installed the SSL certificate. How should I go about turning on the HTTPS on my own server?

It depends on the version you are currently using.

For older versions you can change the following constants file: conf/ssl.inc.php.

For more recent versions this file is located at: custom/domain_#/conf/ssl.inc.php

(# is your domain ID number).

You will see the following constants there:

# ----------------------------------------------------------------------------------------------------

# FLAGS - on/off

# ----------------------------------------------------------------------------------------------------

define(SSL_ENABLED, "off");

define(FORCE_MEMBERS_SSL, "off");

define(FORCE_ORDER_SSL, "off");

define(FORCE_CLAIM_SSL, "off");

define(FORCE_SITEMGR_SSL, "off");

Simply switch the constant values from "off" to "on" for the sections you want to make secure and save the file. Once saved, you can quickly test by accessing the corresponding area. It should automatically redirect your page to the HTTPS protocol.

If you get a certificate error while performing this last test, it is probably because the certificate was not installed correctly. Please check with your hosting provider for further assistance.

eDirectory - Support Center

How can I add a SSL certificate to my website? Print

How can I add a SSL certificate to my website? Print

Related Articles