SSL Certification for Websites

From Apoyar Wiki
Revision as of 03:22, 5 January 2021 by 152.57.20.93 (talk)
Jump to navigation Jump to search

SSL Certification for Websites ..............................


We have to follow this SSL certification for only “apoyar.eu” domain all sites

We have to install the certbot with following command only

• certbot certonly –nginx

• For all websites we are securing should have only TLS 1.2 and 1.3

• We don’t have to use SSL and TLS 1.0 , 1.1

To know, nginx version and certification details we have, go to below path

• cd /etc/nginx

and, run below command

• nginx –V

To know what websites are running on server, go to below path

• cd /etc/nginx/sites-enabled/

and run below command

• grep -rnw '/etc/nginx/sites-available/' -e 'server_name'

For every SSL certification configuration, we have to follow below two redirection

• www --> non-www

• http --> https

for ex. www.apoyar.eu  http://www.apoyar.euhttps://www.apoyar.euhttps://apoyar.eu

How to create DNS CAA record

• Go to go daddy

• Manage DNS

• Select domain and click on add

• Enter the details as per below

Name - @

Flags - 0

Tag – issue

Value – godaddy.com

If we have generated certificate from letsencrypt we can add CAA record for that with only changing value field with

Name - @

Flags – 0

Tag – issue

Value – letsencrypt.org


Note –

To check websites Security level and Certification details, Go to https://www.ssllabs.com/ssltest/ and enter website name (ex. apoyar.eu) and click submit, it will give you a summary of all security and certificates.


To determine which Certification authority (first column) has which DNS CAA string (second column) go to below link https://www.entrust.com/knowledgebase/ssl/certification-authority-authorization-caa-record-ca-values

Retrieved from ‘https://wiki.apoyar.eu/index.php?title=SSL_Certification_for_Websites&oldid=138