Crt file from a csr & key file

Hi there,

I’m really bad at all this SSL stuff, hence please excuse me if my question sounds silly.

We are working with a client that needs to redirect from their domain (www.yallamotors.com) to our domain: carprices.amenaauto.org.

My client has requested us to provide them with a .crt and .key (private) file from our hosting provider (WPEngine) in order to be able to redirect from their domain to our domain. The .crt file needs to be in the following specs:

  1. .crt file in PEM format for nginx/apache server
  2. SHA 256
  3. 2K length

Upon chatting with WPEngine, they can only provide me with a .csr and .key (private key) file as they do not have the tools to convert it to .crt (PEM). Upon googling on how to get this .crt file, I have found out that this .crt file needs to be generated by a valid CA.

Is this something that LetsEncrypt can do? I would appreciate if someone could point me in the right direction (with the steps please) on how I should acquire this .crt file with private key in the above-mentioned specs.

Thanks

While it’s not hard to generate a certificate, something about your story makes me question whether you are going about this the right way.

The reason is, even if you make a certificate today, it will only be valid for 90 days. What are you going to do 90 days from now - email them again with a new certificate? The process isn’t realistic.

Usually people setup tools to perform automatic SSL and renewal for them via Let’s Encrypt, without messing about with manually acquiring .crt files etc… For example, using https://certbot.eff.org/ will do all the CSR, key and certificate stuff for you.

What is the nature of this redirection? Are you moving a website to WP Engine?

WP Engine offers free automatic SSL once you point your domain to them - it shouldn’t be necessary to send a certificate to them.

@_az: Thanks for your prompt response.
I do agree that I may not be going about this the right way and would definitely appreciate some sound advice.

The nature of this connection is more of a redirection from a link on www.yallamotors.com to carprices.amenaauto.org.

Can you explain more on “WP Engine offers free automatic SSL once you point your domain to them - it shouldn’t be necessary to send a certificate to them.”?

Hi @webnoel

if you want a redirect from www.yallamotors.com to another domain and if the call of www.yallamotors.com should be secured (https), then you need a certificate on www.yallamotors.com

The destination and the hoster of the destination aren't relevant.

But: There is a redirect (301) carprices.amenauto.org -> www.yallamotors.com

So if you want to create a redirect from www.yallamotors.com -> carprices.amenauto.org - you have a loop.

It's described in

I'm not really seeing the "why" in this? Why would your client need a certificate and the private key to your domain?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.