Reputation: 10738
How to handle SSL server certificate in production?
I'm setting up SSL in my site for the first time and I wonder if there are any guidelines regarding the handling of certificates.
What is the best practice regarding handling my SSL server certificate? Should it be put in source control? If not, where? Are there any Does and Don'ts I should follow?
Upvotes: 1
Views: 711
Answers (1)
Reputation: 17508
You don't put your SSL certificate in a source control. It will be completely different the next time you renew it.
When you deploy the certificate to your server, you might be going through a wizard (if this is IIS, for example). In some stage it might ask you whether you want to export the private key - say YES, and choose a password. Save the generated private key file in a safe place (obviously not on the server itself). If this is a different server, look for a way to export the private key as described.
Besides that, there's no much to do. Essentially it's an IT thing rather than a programmer's stuff. Just be sure to put a reminder to renew it, several weeks before the expiry date, else - when your visitors will enter the site after the expiry date, they will get a very noticeable warning from their browser, that there is a problem with the SSL certificate, and you will lose traffic/customers.
Upvotes: 3
Related Questions
- How to certify a local server? SSL/TLS HTTPS
- TLS certificate on a production server
- How to secure a Spring soap service with certificates
- Using a self signed SSL certificate just for a web service
- SSL Certificate for Web Service Client
- How to TLS/SSL secure an internal web server?
- How Do I Avoid SSL Certificates during Development for a WCF endpoint that will be secured during Production
- providing SSL for Web Service that runs on IIS
- Authenticating servers - what's a good approach?
- Server cert and Client Truststore