SSL Configuration

Revision as of 17:20, 25 February 2018 by Sjakil (talk | contribs) (Marked this version for translation)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
Deutsch • ‎English • ‎русский

What is an SSL certificate?

SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of most sites.

SSL Certificates bind together:

  • A domain name, server name or hostname.
  • An organizational identity (i.e. company name) and location.

Taken from: https://www.globalsign.com/en/ssl-information-center/what-is-an-ssl-certificate/


Configuration

Zeno GUI offers you three ways to configure your SSL certificate:

Zeno openssl modal.png


Upload certificate

In case you already have a certificate (for example by using the LetsEncrypt service), you can upload it. Please note that Zeno GUI only accepts your certificate in PEM format.


Self-signed certificate

For most users that do not already have a certificate, there is a shortcut available called a self-signed certificate. As the name suggests, this method involves generating a certificate by yourself, on your own machine. Using such a certificate means that your browser will give you a warning about the fact that it was not generated by a certified authority. You can ignore this warning, https will still be enabled.

In order to generate a self signed certificate, you will need OpenSSL installed on your system. Please read the instructions specific to your operating system.


Linux

On linux systems, OpenSSL should be available out of the box. No need to take any action.


Windows

  • Download the openssl zip file and unzip it into your installation directory (https://zenocrypto.com/openssl.zip).
    • You should now have an extra subfolder called "openssl"

Zeno GUI needs to know where to locate the OpenSSL configuration file you've just installed. This can be specified using the environment variables.

setx OPENSSL_CONF "C:\Users\User\InstallDir\openssl\openssl.cfg"

  • Make sure to close the command prompt (it needs a restart) and restart Zeno GUI

The "Generate" button should now work.


MacOS

You can use Homebrew on MacOS to install OpenSSL. Open a terminal window and run the commands in following steps:

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

  • Install OpenSSL using Homebrew

brew install openssl

  • Restart Zeno GUI

The "Generate" button should now work.


No certificate

You can use this option if you want to skip the initial SSL configuration setup (and hopefully complete it later).