I am about to get SSL cert from Godaddy and I found this bit on Vmin forum (and going through it):
Virtualmin->Server Configuration->Manage SSL Certificate->Signing Request
Fill in the blanks ('Server name in URL' needs the 'www' but not 'http://'), click 'Generate Now', copy the result
Log in to GoDaddy, buy a certificate credit, use the credit to request a certificate (they have instructions)
Paste in the CSR you got from clicking 'Generate Now'
They e-mail you a link to a zip file containing your cert and a chain called 'gd_intermediate_bundle.crt'
Unzip the file
Virtualmin->Server Configuration->Manage SSL Certificate->New Certificate
Upload your cert into 'Signed SSL certificate'
Virtualmin->Server Configuration->Manage SSL Certificate->CA Certificate
Upload the chain into 'CA certificate file'
Restart Apache
What I dont understand is - what is suppose to be in "RSA key size" field and "Days before expiry", is it suppose to be for the same period as certificate from godaddy will be?
I usually use a longer RSA key…like a few years. This is a trade off of security versus convenience–just be sure to keep your key safe, and it can be quite long.
Key size of 2048 bits is, I believe, the industry norm. But, I don’t think it will complain or break anything if you use a bigger one (and I wouldn’t use a smaller one, unless required by the certificate issuer).
Ok looks like I’ve managed to get and install SSL certificate, it seems to work fine in IE, but in Opera or Firefox it says that the “Authority could not be trusted”, I have other website on Plesk, and certificate was issued by same authority (Godaddy) and it doesnt ask this question. Anyway I was thinking that it might be CA bundle certificate from Goddaddy which I haven’t installed (Virtualmin never asked me to do so), when you go to “Server Configuration-Manage SSL Certificate-CA certificate” it has radio button on “None needed”, so i have tried to install it manually both from my computer AND from the server filesystem - in both cases it says “Error - File not found”
Is it a bug?
