Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Sorry, I just filled out the autofill area!
I have put the certsage file in public and in my address directory in C panel and then gone to www.(my website).php and tried to get the certificate and then it says password incorrect (which I got from the password txt file).
Maybe I put in the wrong root directory?
Thanks! Amanda
That does sound like the way to go in general terms (but it lacks details). However:
Well, currently I cannot see certsage.php. I can see certsage.txt (at http://amandagreenleestherapy.co.uk/certsage.txt), which should be renamed to certsage.php. So not sure where you put the password in exactly? Because it looks like you didn't enter it at CertSage itself. (Because that's not working.)
Can you elaborate more on the exact steps you did? For example, "and in my address directory in C panel" doesn't really say much to me. Also, "and tried to get the certificate" is rather vague and still would require a crystal ball to know what you exactly did. Where did you try to get a certificate? CertSage? cPanel?
Or perhaps did you just upload certsage.txt without following the CertSage instructions and tried to get the certificate somewhere else entirely?
I then went to the file manager and uploaded it within public_html (which is under /home/)
I changed the certsage.txt to certsage.php
I then tried to go to https://[mywebsite.co.uk)/certsagephp but it only says it’s not a page on my website, although yesterday it did take me to CertSage and I failed at the password entry stage.
That is now as far as I can get - to it just saying page not found on my website so I have clearly done something completely wrong! Hope that is clearer and apols for my vagueness earlier.
For some reason I can only see certsage.txt on your website at CertSage but no http://amandagreenleestherapy.co.uk/certsage.php? Did you do the change of the extension correctly? Where exactly? I assume you now have a /home/public_html/certsage.php file?
Probably because somehow it's still called .txt at the end.
Yeah no, that CertSage is just a demo on the site of the developer @griffin. Not your instance of CertSage, so your password wouldn't work. And even if somehow your password would magically work, it would be of no good for your webserver.
Also, the version of the certsage.txt currently on your website is version 1.4.0, not the 1.4.1 you said you've downloaded. Did you attempt to run CertSage in the past by any chance? Can you find/locate this 1.4.0 certsage.txt somewhere on your website?
I didn't have it previously but I tried it about 3 times yesterday and at one point did realise I had an older version I then thought I had deleted. Unfortunately I wouldn't even try to do this myself but was in a panic yesterday when I realised my SSL had expired and TSO won't help me install a new free one. I would have paid except I want to move to elsewhere. Anyway, I will delete all the files and then start over with the right version!
So the steps you've followed seem to be the correct one, except for trying CertSage at the site of the developer: you should really only use the CertSage, once properly "installed" (as far as you can call uploading and changing the extension to .php installing ), on your own website.
As you can see I am not tech enough for this. Not even sure what I did wrong there haha.
I have at least managed to get through the password stage but as I have two sites (only one I need to work) may that is also an issue. I think I just need to move provider....
Looking at crt.sh | amandagreenleestherapy.co.uk you've got your new certificate. Two even.. Whoops. But one of those should be fine to install. Although.. You already had those issued earlier today? So CertSage did work at some time earlier this afternoon?
@griffin Does CertSage have some kind of certificate storage and does it keep track? Because this "one time fire and forget" is a little bit cumbersome.
If Certsage remembers the previous cert, I guess @Scarlett29 only needs to install the most recent one
I think you "just" need to install it in the " Install Certificate into cPanel" part of CertSage, using the same password? I guess CertSage will install the most recent cert it can find.
Thank you SOOO much for your help! I actually think I am just about there so hopefully my final question! . Gotten to the 'private key' part of the process which I thought might be the Certstage password?
No, almost certainly not. A private key in the context of certificates is one of the two parts of an asymmetric key: you've got the public part which is embedded into the certificate and the private key part which, well, should be kept private. As certificates are public, if someone gets hold of the private key, they could imitate your website (if they had the means to do so, because it would also require some DNS or other technical hijacking things). If the private key gets leaked, the certificate needs to get revoked.
The private key is required to "install" the certificate into the webserver, which with CertSage is usually done using cPanel. But you might need to somehow "manually" install it into your webhostings configuration panel, along with the certificate.
Ok - I will see if TSO will help as that is beyond me. Probably not but I will give it a go.
Thanks again for all your help!!!!!!! Greatly appreciated. Amanda
Assuming (hoping) I am doing it right, when I go to the 'certificates on site' area and press install (I had uploaded the certificate to this area) it autofills the CRT and CABUNDLE area but in the middle asks me for a private key.
This is in your websites control panel from TSO Host, right?
If you're talking about your TSO Host configuration panel for your website: you should enter the private key you found from CertSage here when trying to install the certificate (also from CertSage).
), on your own website.