tod at todandlorna.com
Tue Mar 16 11:38:08 MDT 2010
On 3/16/2010 11:13 AM, Merrill Oveson wrote:
> I'm new to ssl.
> Here's my situation....
> We're using godaddy.com
> I need to renew my csr file with them, apparently it's not 2048 bit encryted.
> I've located three files on my linux box (running apache)
> After poking around, I learned how to generate both the key and csr
> file. I can tell godaddy the contents of the csr file.
> Now how do I get a new crt file. I do need a new one, correct?
> I called tech support @ godaddy but the guy was clueless.
> Thanks in advance.
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
You generate the key first, and that's where you specify how many bits
it is, so specify 2048 in that step. It's ok if you have to generate a
new key for this as long as you configure your HTTP server to use the
Next you generate the CSR (as you seem to already have done) off of the
key. If you haven't done this on a 2048 bit key, you will have to redo
Last, you give the CSR, and only the CSR, to godaddy. They get back to
you in a few hours (could be a day) with the crt and their crt. With
godaddy you will have to include their intermediate crt for browser
support not yelling about an untrusted crt. Godaddy specifically has
instructions for many popular web servers on how to use the crts and
More information about the PLUG