A Simple Guide to Encryption

SSL for the Web
The acronym SSL stands for Secure Socket Layer. SSL was recently renamed TLS (Transport Layer Security), but because most people are still unfamiliar with the name TLS and because the configuration files still use the name SSL, we will use the name SSL in this tutorial. SSL is a cryptographic networking protocol that allows for secure communications between a client (usually a personal computer) and a server (usually a web server on which a website is located). This tutorial will teach you how to set up your website to communicate securely with your visitors.

NOTE: In order to complete this tutorial, you'll need an existing website with a unique domain name and access to your website's cPanel.


SSL cPanel Configuration
  1. Generate a private key. Log into cPanel [4]. FuzzyMonkey customers will need to use their domain name followed by "/cpanel" to log in. Example: http://mydomain.com/cpanel. Scroll down to the bottom of the page and click the "SSL Manager" link. When the page loads, click the "Private Keys" link. Use the form that is labeled "Generate a New Key" at the bottom of the page to generate a new private key. You will use this key to sign your certificate signing request. When the page loads, click "Go Back" twice, so that you are now on the SSL Manager page.

  2. Generate a certificate signing request. Click on the "Certificate Signing Requests" link. Use the form labeled "Generate a new Certificate Signing Request" to create your CSR. When the page loads, you will see your CSR, which will look like the following.

    -----BEGIN CERTIFICATE REQUEST-----
    MIICBTCCAW4CAQAwgZIxCzAJBgNVBAYTAnVzMRAwDgYDVQQIEwdhbGFiYW1hMRAw
    DgYDVQQHEwdtYWRpc29uMREwDwYDVQQKEwhibGFoYmxhaDERMA8GA1UECxMIYmxh
    aGJsYWgxFjAUBgNVBAMTDXNwaWNlbGFuZC5vcmcxITAfBgkqhkiG9w0BCQEWEmVy
    aW5Ac3BpY2VsYW5kLm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4uuc
    vosrsRAUhk2t/5lET69/Fwh4OS9JE7nG/bfsWkzcLt19dktHoiCuchYLNb2T/Via
    wOndAE5yIA4pQSTGYtilxTfladnZmPdcmqlhN+b1FnqRinn43E5fOcT/yiQ9ntVE
    iKqoam+DRyRn3Rm7jTecIKbdF15AWbY8VTrB1bUCAwEAAaAyMBcGCSqGSIb3DQEJ
    AjEKEwhibGFoYmxhaDAXBgkqhkiG9w0BCQcxChMIYmxhaGJsYWgwDQYJKoZIhvcN
    AQEEBQADgYEABtat2OZ5GHvhjHzN/QyibdtAW/b9gqiJPA1z5czCGxRmB0x8zEnq
    BLe7UpqOCYXnHcDMv41m5flQdgs8uRqj56dpSUOVUIjb5Wkw2mC4OH104dJOD+KG
    Y9uwh2+1DbMXDT7ff/Ez58RpkRIAJOxZV165P0kHWi6Jxfm9EJebtMY=
    -----END CERTIFICATE REQUEST-----


  3. Choose a certificate authority and purchase a certificate. The two most reputable certificate authorities are VeriSign [2] and GeoTrust [3], but you can also find many other companies selling certificates. You must be careful to purchase your certificate from a reputable and trusted authority. We recommend purchasing your certificate from VeriSign or GeoTrust. The authority that you choose will have a page that will ask you to either copy and paste or upload your certificate and public key to their site. You will probably receive your new certificate within a couple of minutes of completing the purchase process. Usually certificates are delivered via email.



  4. Install your certificate. Your new certificate will be a paragraph of text that will look similar to this example.

    -----BEGIN CERTIFICATE-----
    MIIC8DCCAlmgAwIBAgIBEDANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
    FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
    VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
    biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
    MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTkwNTI1
    MDMwMDAwWhcNMDIwNjEwMDMwMDAwWjBTMQswCQYDVQQGEwJVUzEbMBkGA1UEChMS
    RXF1aWZheCBTZWN1cmUgSW5jMScwJQYDVQQDEx5FcXVpZmF4IFNlY3VyZSBFLUJ1
    c2luZXNzIENBLTIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYna8GjS9mG
    q4Cb8L0VwDBMZ+ztPI05urQb8F0t1Dp4I3gOFUs2WZJJv9Y1zCFwQbQbfJuBuXmZ
    QKIZJOw3jwPbfcvoTyqQhM0Yyb1YzgM2ghuv8Zz/+LYrjBo2yrmf86zvMhDVOD7z
    dhDzyTxCh5F6+K6Mcmmar+ncFMmIum2bAgMBAAGjYjBgMBIGA1UdEwEB/wQIMAYB
    Af8CAQAwSgYDVR0lBEMwQQYIKwYBBQUHAwEGCCsGAQUFBwMDBgorBgEEAYI3CgMD
    BglghkgBhvhCBAEGCCsGAQUFBwMIBgorBgEEAYI3CgMCMA0GCSqGSIb3DQEBBAUA
    A4GBALIfbC0RQ9g4Zxf/Y8IA2jWm8Tt+jvFWPt5wT3n5k0orRAvbmTROVPHGSLw7
    oMNeapH1eRG5yn+erwqYazcoFXJ6AsIC5WUjAnClsSrHBCAnEn6rDU080F38xIQ3
    j1FBvwMOxAq/JR5eZZcBHlSpJad88Twfd7E+0fQcqgk+nnjH
    -----END CERTIFICATE-----


    If your certificate arrives as a text file attached to an email, save the text file on your computer and open it. If it arrives in the body of the email or if it is displayed on a web page, you will not need to do anything. Make sure you are still logged onto cPanel, and go to the SSL Manager. Click the "Certificates" link. Copy the certificate text from the text file or from your email. Paste it into the textbox in cPanel in the form labeled "Upload a New Certificate," and click the "upload" button.

    To begin using SSL on your website, simply change the links on your site from "http" to "https." Any portions of your site that are accessed by https are automatically encrypted. Your visitors' browsers tells them that your website is secure. In Firefox, the background of the address bar turns yellow and a lock icon appears.








1. OpenSSL is located at openssl.org.
2. VeriSign's SSL store is located at verisign.com/ssl.
3. GeoTrust's SSL store is located here.
4. For more information about cPanel, visit cpanel.net.




Back - Hash Functions or
Back - SSL under Apache
Next - PGP for Email in Windows or
Next - PGP for Email in Linux