George Mason University Antonin Scalia Law School

How to Renew SSL Certificate for law.gmu.edu

  1. Log into cPanel (GoDaddy) and go to SSL/TLS
  2. SSL screenshot

  3. Generate CSR and fill out all the information.
  4. Request SSL certificate from ITS. Submit a request to get a certificate.
  5. Once you get it from ITS, go back to cPanel – SSL and then go to certificates
  6. Then upload the .crt file that ITS gave you
  7. Go to Manage SSL Sites. Scroll down to the Install an SSL Website and click Browse Certificates. Select the certificate that you want to activate and click Use Certificate. Click Install Certificate.

OpenSSL Update

Instructions on how to secure your server against the Heartbleed vulnerability:

  1. Edit CentOS-Base.repo (vi /etc/yum.repos.d/CentOS-Base.repo)
    • Add the # sign to this URL: mirrorlist=http://... (#mirrorlist=http://...)
    • Delete # sign to this URL: #baseurl=http://... (baseurl=http://...)
  2. yum clean all
  3. yum update openssl
  4. openssl version -a (Confirm the update: exemple: 'built on: Tue Apr 8 02:39:29 UTC 2014')
  5. rpm -q --changelog openssl | head (fix can be confirmed)
  6. Restart Apache
  7. Re-edit CentOS-Base.repo (vi /etc/yum.repos.d/CentOS-Base.repo)
    • Delete the # sign to this URL: #mirrorlist=http://... (mirrorlist=http://...)
    • Add # sign to this URL: baseurl=http://... (#baseurl=http://...)

Source: GoDaddy.

Re-Keying an SSL Certificate in GoDaddy.

Turning off SSL engine in Apache for CentOS

  1. vi /etc/httpd/conf.d/ssl.conf (Edit ssl.conf)
  2. SSLEngine off (Find a line SSLEngine and turn it to off)
  3. service httpd restart (Restart the Httpd Services)

Source: Linux Toolkits