50. HTTP to HTTPS : Secure Your Website with SSL Certificates and Load Balancers - Ayushi-srivastav/OCI GitHub Wiki
Steps to secure your website
Step 1. Install Java
Note : (The tool we're using to generate the details for obtaining a certificate is Key Tool, a Java-based utility)
Login to your application server and install Java by using command
yum install java
Step 2. Generate a Private key
Create a directory named keytool
mkdir keytool
and navigate into it by running the command
cd keytool
Inside this keytool directory, we have to run this command
keytool -genkey -alias test -keyalg RSA -keysize 2048 -keystore keystore.jks
We need to provide the following details, ensuring that the alias is unique for each URL.
we can see one file is created named keystore.jks
Now we have to check the generated key so we have to run this command,
Keytool -list -keystore keystore.jks
If we need more information about this file, we can execute the same command with the verbose option.
Keytool -list -keystore keystore.jks -v
Step 3 : Generate a CSR File
With the private key now generated, we'll use it to create a CSR (Certificate Signing Request) file. This final file must be provided to the certificate authority to obtain the certificate. Execute the following command to generate the CSR file
Keytool -certreq -keyalg RSA -alias test -file certreq.csr -keystore keystore.jks
As we can see, one file is created named certreq.csr
We can read this file by running cat command and copy its contents to a notepad for future use. To avoid copying any extra spaces, use Alt+Ctrl to select the content, ensuring that no spaces are included during the copy process
cat certreq.csr
Step 4: Generating a Certificate
Next, navigate to the certificate provider's website and log into your account.
Note: For testing purposes, we are using a free certificate provider. In a real-world scenario, we will utilize other certificate providers.
Click on New certificate
Here we have to enter the domain name, click on next step
Select the validity of the certificate according the client’s requirement, click on next step
In the next step we have to paste the CSR which we created,
next, we select the free plan and click on next step
In the next step, domain verification is necessary. We will use the DNS method to verify it.
Ensure that a domain account is configured and you have bought a domain.