cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution
Highlighted

SSL without a dedicated IP?

Hi all...I was hoping to find out a little more about installing an SSL cert to secure a site I'm developing with https. From what I've read, the Go Daddy hosting package my client's site is on does not have a dedicated IP address, and such a dedicated ip is necessary - can this be resolved, and if so, how?

 

Thanks for any advice anyone can offer, it will be most appreciated!  🙂

4 REPLIES 4
Helper V
Helper V
Solution

Re: SSL without a dedicated IP?

@woodson You do not need a Dedicated IP to install an SSL Cert. The SSL Cert can be a self signed cert as the site is under development. You will get an error every time you try to connect but you can still access the site securely. Once site is out of development you will need to install a valid SSL Cert if you plan on allowing secure access to your site.

 

Here are the basic steps to get an SSL for the site 

1. Request an SSL certificate

2. If the domain is not on your account you may need to Generate a CSR (certificate signing request)  

3. Verify your certificate request

Once the cert has been issued you will need to Install SSL certificate

 

When accessing a site using a secure connection (HTTPS) the cert is only used to encrypt the communication. The Domain, Cert signing, Revocation, and other stuff are primarily used in determining trust. 

Re: SSL without a dedicated IP?

@oslinux Many thanks for your detailed response, really appreciate it.

 

So, just to confirm, even though the live site is on a shared server (and hence no dedicated IP) you are saying this won't be an issue when I go about setting up the SSL (don't need it yet, until I've added login functionality that I actually want to be secure)?

Re: SSL without a dedicated IP?

Hi, I'm trying to install an SSL on Plesk, but when downloading the options are "Apache, IIS, Other", the answers i've seen have a plesk option. What server should i choose?

 

Cheers

New

Re: SSL without a dedicated IP?

Hi THere

 

I have received a email regarding SSL certificate. Can someone please tell me how this can be done. In the form provided to fill there are many fields which I don't know what to write. Will appreciate any help on this.

 

I am talking about below form:

 

Contact Information

When generating a certificate signing request, we can send a copy of the generated self-signed certificate, the private key and the certificate signing request. Depending on your mail service provider, your mail may be sent over an insecure channel. We do not recommend sending private keys if the email service provider you use does not support secure mail via SSL/TLS.

 When complete, email me the certificate, key, and CSR.
Email Address: 
Provide your email address to receive a copy of the generated certificate, key, and CSR.

Private Key Options

When the system generates a self-signed certificate and CSR, the system also generates a new private key for the certificate and CSR. To protect the certificate, this key must be confidential. Do not send the private key through an insecure method.

Key Size:                                                                                                         2,048 bits (Recommended)                                                                                                      

                                                      4,096 bits                                                                                                     Certificate Information

The information provided below is used to create a self-signed certificate and the corresponding certificate signing request. Since this is the information that users will see when they access a site via SSL, it is important to provide accurate and valid information.

Domains:Required 
Provide the FQDNs that you wish to secure, one per line. To create and use a wildcard domain, add an asterisk to the domain name as in the following example: *.sample.com. NOTE: Many CAs charge a higher price to issue multiple-domain certificates (sometimes called “UCCs” or “SANcertificates”) and certificates that include wildcard domains.
 
 
Company Name: 
Provide the legally-registered name for your business. If your company name includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.
Company Division: 
Provide the name of the division or group within the above company. If the division includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.
Email: 
Email address at which the CA can contact you to obtain verification of domain ownership.

Shared Secrets

Some certificate authorities may require CSRs to have a passphrase. The certificate authority can use a CSR passphrase to confirm the identity of the person or organization with whom you wish to communicate. CSR passphrases are stored unencrypted in the CSR. Because of this, and also because you will share this passphrase with a third party, do not use an important password here.

Passphrase: 
warningDo not use an important password. Passphrases stored in CSRs are not encrypted, which means third party attackers can easily read these passphrases.
 
 
Will appreciate any help on this.
 
Regards