Software KPI's tells you about certificates, but sometimes you have a bundle of 3-4 certificate for one domain. It is called core certificate and they all come together so it is like you have one, if you have it for one domain

SSL Certificate Renew 2021 
total 3 steps
1. buy the cert
2. wait for to validate 
3. install and then wait for validate

step 1

Will need this cert FTP And Webserver

At first, Need to buy the SSL certificate from this website: https://www.sslpoint.com/

It might take a couple of hours or max of 24 hours to validate the cert. 

Step 2

 

I will write here steps.

1. We need to find where are we using certificates

 

From “Certificates” in software we can see that we need to cover *.galaxysoftwareinc.com

servers.

 

2. To find what we have for that server we do name-server search

(you can paste this link to get report: 

https://pingability.com/zoneinfo.jsp?domain=galaxysoftwareinc.com)

 

3. We see that our nameservers are set up via dnsmadeeasy.com (you can access data in hosted info) 

 

4. Once you’re in check galaxysoftwareinc.com domain name and you will get list of all records

 

5. I can’t capture it via gyazo so please note this: selected items from CNAME records don’t have alias to external domain so they are pointing to our web server(s), and we need to update certificate on those servers (can be one or more of them)

 

6. As we can see ww3.galaxysoftwareinc.com points to our server for file downloads, if I remeber correctly it is our server with IIS installed

 

(just using brokerinspector.com to ping for IP address, but it seems I can’t log it)

We can do it via pingability.com just enter full domain ww3.galaxysoftwareinc.com or click this

link:

https://pingability.com/zoneinfo.jsp?domain=ww3.galaxysoftwareinc.com

 

7. We found it, and it’s Ukfasthost server

 

8. Now we open IIS and we search for certificate

 

9. Once you find certificate in IIS you need to create CSR (Create Certificate Request), you can do it simply by clicking link under Actions tab once you open Server Certificates 

 

10. Fill certificate data, enter Alpha 2 ISO code for country

https://www.iso.org/obp/ui/#iso:code:3166:SC

 

11. Chose for Cryptographic service provide: Microsoft RSA, and Bit length: 2048

 

12. Under Specify a file name for the certificate request put: galaxysoftwareinc2023 (so we know it will expire in 2023) – max term we can buy is 2 years

 

13. You MUST choose path and file name before saving CSR (best to use something with this

methodology: C:\Users\graphite.rack\Documents\Galaxysoftwareinc-2021-2023

 

14. Once CSR is saved you can copy it and use it further to get valid certificate

 

15. We have certificate on one more server (unlock.galaxysoftwareinc.com) and we need to sort it there as well 

 

16. Repeat procedure to find it’s ip, and then just find what server is it on

(once you have checked it, and if we have asterisk certificate, i.e. *.galaxysoftwareinc.com it will work on all servers)

IMPORTANT: 

if you are using asterisk certificate on different types of servers, i.e. IIS, Apache or Nginx then you need to create conversion files to be able to import it on different platform.

 

17. Once you have all, copy CSR and paste it to certificate issuer page

 

18. Under authentication method choose DNS

dnsmadeeasy

Re DnsMadeEasy, if you just have one word without any dots then it is looking on our domain, if you have external services then you just ignore. So anything pointing to other domains just ignore

1. request the certificate from server and copy paste to ssl point and wait for to validate

 

 

Now we need to wait for certificate validation. Once that is sorted we can install it on the server and validate via DNS I’ll check tomorrow morning about validation status It should be granted in a few hours from now