Domain Website Certificate HTTPS Access

HTTPS For Domain Websites

Google encourages websites to switch from using the old HTTP protocol to using the secure HTTPS. Google ranks an HTTPS site higher in search results than a similar HTTP site. In late July 2018 Google’s Chrome browser started marking pages obtained via HTTP as not secure, and will become more forceful. Eventually, HTTPS sites will be considered normal and not marked with the familiar padlock and HTTP sites will receive increasingly strident warnings. As of September 2020, domain certificates expire after one year.

How To Change an HTTP to an HTTPS Website

Note that OlympusNet Support will set up a certificate for you or help you with any part of the setup per the fee published in Services/Pricing at SSL Certificate Setup .

OlympusNet’s upstream hosting provider for domain websites published the following information on setting up a certificate for HTTPS access: Setting up an SSL Certificate . We will use the domain example.com to show how to set up an SSL Certificate.

Steps to setup an SSL certificate:

  1. Choose a Certificate Authority from the list of five candidates shown in the previous link. That Certificate Authority issues the certificate that you’ll post on your website. In the following procedure, we’ll use the Comodo Certificate Authority. See Setting up an SSL certificate that is not hosted by Name.com.
  2. The Certificate Authority will send email to you during the certificate generation process.
    1. Set up the Approval Email Address admin@example.com as an alias if it doesn’t already exist which the Certificate Authority can use to send you the Approval email.
    2. Note that the Email Validation will be sent to the domain’s Technical Contact. See Whois Domain Lookup to determine what that address is.
  3. The following steps generate the Certificate Signing Request or CSR which the Certificate Authority uses to generate your certificate. The CSR is text which you will paste into a window to submit to the Certificate Authority. The CSR is generated in your OlympusNet Domain Administration Control Panel. That Control Panel is accessed from the OlympusNet top page under Home/Domain Admin Login.
    1. Log into your Domain Control Panel.
    2. Select Web Apps/Security/SSL Manager. Below SSL Manager, you’ll see Domains secured: 0 Domains not secured: 1
    3. If you don’t see the SSL Manager, contact OlympusNet Support.
    4. Select the Install icon.
    5. A Window titled Which SSL Certificate would you like to Install? will pop up.
    6. Select Vanity SSL.
    7. Select Next.
    8. In the window titled Step 1 of 5: Enter Information for example.com:
      1. Select www.example.com.
      2. In the Company and Business Division windows, enter the company name as it appears in Whois Domain Lookup under the Administrative Contact.
    9. Complete the City, State/Province/Country entries.
    10. Select All of the domain information above is correct.
    11. Select I want my website to be secure instantly after installation.
    12. DO NOT select I’ve already generated a Private Key.
    13. Select Next.
    14. In the window titled Step 2 of 5: Copy Generated CSR (CSR stands for Certificate Signing Request.):
      1. Select Download to download a copy of your CSR to your desktop.
      2. Select Copy, then paste the CSR into another backup file for safety.
    15. DO NOT select Next. You will resume the Certificate installation in Step 21 when you have the Certificate. You’ll now continue generating the CSR.
    16. Now that you have your CSR, connect to the Certificate Authority’s site to generate your certificate.
    17. For this example, we’ve chosen name.com/account and will use their Comodo Essential SSL Domain Validation certificate.
    18. Set up your account with your email address admin@example.com. It’s easiest to set that up as an alias. For your name, use the name that appears on your credit card.
    19. Select Comodo Essential SSL as the product.
    20. In Comodo Essential SSL/SSL Domain Setup:
      1. Select your domain as www.example.com.
      2. Verify that the Contact Information is correct.
      3. Paste the CSR including —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—–
      4. Note the admonition, NOTE: To cover both the bare and www subdomains, your CSR must be generated with the www.
      5. After selecting Next, a verification email will be sent.
      6. Select the appropriate link in the email to confirm receipt.
      7. In Domain Control Validation (Part 2), you’ll see the Order number The validation code for Order #410770953 has been sent to you in the email with reference #22550.
      8. Paste that validation code in the Domain Control Validation (Part 2) window.
      9. You will be emailed the certificate.
      10. Attached to that certificate email is a .zip file containing:
        1. Root CA Certificate - AAACertificateServices.crt
        2. Intermediate CA Certificate - USERTrustRSAAAACA.crt
        3. Intermediate CA Certificate - SectigoRSADomainValidationSecureServerCA.crt
        4. Your EssentialSSL Certificate - www_example_com.crt
    21. Now that you have the certificate, you’ll install it using the SSL Manager.
    22. Return to the page in your Domain Control Panel where you generated the CSR in which you were asked DO NOT select Next on line 15.
    23. Select Next now, then paste the certificate in the appropriate window.
    24. In the window titled Step 4 of 5: Certificate Ordered you’ll see:
      1. To complete the installation, there are additional steps you will need to take. Configuration can take from 2 up to 24 hours. Check the status by logging into the SSL Manager. Once the SSL status changes to DNS Update required, click the Next button to get further instructions. Typically the installation happens quickly.
      2. Select Go to main menu.
      3. Under SSL Status, confirm that Installed, DNS update completed appears.
      4. Note: to the right of that you’ll see Renew. Keep that in mind for next year when the certificate expires.
    25. In the Admin Control Panel/DNS Manager, confirm that the A record Name/www points to the correct IP address. That IP address should match what the command line dig example.com shows it to be.
    26. Flush the DNS cache on your macOS Catalina or Big Sur computer by running
      sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
    27. Confirm that https://example.com works.
      1. Note that http://example.com will continue to return a not secure until the .htaccess file referred to below is installed in the user’s site at ??????????
    28. Note that it might take three days for the updated DNS to be seen thoughout the Internet.
    29. For Certificate renewal information for name.com, see https://www.name.com/support/articles/205190858-Renewing-an-SSL-certificate.
    30. To rewrite HTTP accesses to HTTPS accesses, once the certificate has been installed, an .htaccess file needs to be installed.
      1. The .htaccess file causes HTTP requests to be converted to HTTPS requests as follows:
        1. The client types www.example.com in the address bar.
        2. The browser assumes HTTP protocol and sends a GET call to www.example.com.
        3. www.example.com responds with a moved status code and gives the new location:
          1. HTTP/1.1 301 Moved Permanently
            Location: https://www.example.com/
    31. Install the .htaccess file as follows:
      1. In the Domain Control Panel select Web Apps/File Manager which opens on the / directory.
      2. Select Upload to upload the .htaccess file.
      3. The .htaccess file should contain:
        RewriteEngine On
        RewriteCond %{HTTPS} off
        RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
        
      4. Note that editing files may be done with SSH, SCP or the following tools: FileZilla, CoreFTP or Cyberduck.