Knowledgebase: 7) Server Queries
|
SSL Certificates
Posted by Jamie Chapman, Last modified by Jamie Chapman on 26 January 2018 10:55 AM
|
|
|
Self Hosted FrogLearn requires a valid SSL certificate to be installed on the server for you to be able to access the FrogOS software. For security reasons, FrogOS runs purely over SSL. Supported Certificates The following types of SSL Certificate are supported and can be used on a FrogServer. Single Name Single Name certificates are the most common certificate and only covers only a single domain name (most providers include www. in the certificate) eg. vle.myschool.com and www.vle.myschool.com SAN (Subject Alternative Name) SAN or Multi-Domain certificates cover multiple different domain names and can be used across multiple servers eg. vle.myschool.com, mail.myschool.com, myschoolothername.com, anotherschool.net, myschool.sch.uk. Wildcard Wildcard certificates cover all sub-domains of a single domain and can be used across multiple servers eg *.myschool.com (this would cover anything before the .myschool.com, so vle.myschool.com, mail.myschool.com, portal.myschool.com etc). EV (Extended Validation) EV certificates can be any of the above type, but these certificates set green bar in most browsers showing the owner of the certificate for extra validation. We do not currently support the use of Free SSL Providers such as Lets Encrypt. We will be looking into adding support for Lets Encrypt in the future. CSR Generation Your chosen SSL provider will generally provide instructions on how to generate a CSR (Certificate Signing Request) for you to be able to purchase a SSL Certificate. Frog do not provide CSR files. If you are struggling to generate a CSR, please contact your SSL provider or see the below links which may assist you. DigiCert provide a Windows Utility to create a CSR, Private Key and store the SSL certificate once purchased: https://www.digicert.com/util If you wish to generate a CSR yourself, you can try the following guides depending on the system you are using: https://www.digicert.com/csr-creation.htm Again, your chosen SSL provider will have full instructions on how to generate a CSR for your SSL certificate. Certificate Formats Once you have purchased your SSL certificate, you may be given an option on what format or certificate type you want to be provided with or download. If you are given this option, the Certificate formats we require are: Apache Apache Mod-SSL Installation Requirements For us to be able to install an SSL certificate on a server we require the following 3 files:
The Private Key file is generated when the CSR is created, so this will have been given by the CSR generation tool used online or on the server that was used to generate the CSR. The Certificate File and CA/Intermediate Certificate File will be provided by your chosen SSL provider once the certificate has been purchased. Once you have all the correct files for the SSL Certificate, please send them over to the Frog Service Desk for installation via a new ticket or email. If you are wanting to provide an existing certificate you own, such as a Wildcard Certificate, you can provide us with a PFX export of the certificate from an existing server that contains the above 3 files. | |
 (2 vote(s)) |