/
HTTPS Certificate Manual

HTTPS Certificate Manual

Dec 25, 2019

SOAJS console supports the ability to add the https certificate manually as a secret. Here is how:

You need to do the following:

  1. Generate a certificates

  2. Download the generated certificate and create a full chain certificate files

    1. private_key

    2. fullchain_crt



1. Generate the SSL Certificates

  1. Go to https://www.sslforfree.com/ and login with your account.

  2. Click on Certificates from the top main menu

  3. Create or Renew the certificate you want based on the domain it is associated with ( both options redirect to the same location )

  4. Enter the multiple domains you want the certificate to be associated with ( domain are separated by space )

    1. example: dashboard.soajs.org dashboard-api.soajs.org

  5. Select Manual Verification (DNS) option

  6. Click on manually verify domain

    1. The wizard will ask you to enter TXT records in your DNS

    2. The wizard will also provide you with links to verify that these entries have been done

  7. Once the verification is complete, click on Download SSL Certificate



2. Download the generated certificate and create a full chain certificate files

the downloaded certificates are made up or 3 files:

  • ca_bundle.crt

  • certificate.crt

  • private.key

This formate is not compatible with Nginx and is also missing what is known as the full chain certificate file, do the following:

  • rename private.key to private_key

  • create a new file called fullchain_crt and open this file in your text editor

  • copy the content of certificate.crt to fullchain_crt

  • directly below it, copy the content of ca_bundle.crt to fullchain_crt

  • save fullchain_crt

Certificates can be modified by text editors, the full chain certificate is a combination of both the certificate and the ca_bundle.