Chris Mendez in DevOps, For Developers, Openshift, SSL

Install GoDaddy SSL on Red Hat Openshift

Deprecated

Openshift v2.0 has now reached End of Life and will be replaced by v3.0.


Red Hat Openshift makes it really easy to install both SSL and use a custom domain. The first step is to upgrade your Openshift to Bronze so that you can gain access to the SSL form feature.

You will also need to purchase an SSL certificate. I purchased mine from GoDaddy.


Setup

The first thing you'll want to do is ensure that you've installed Red Hat's command-line tool using these instructions.

Step 1 - SSH into your Openshift app

Use this rhc command to log into your app.

rhc ssh -a <app name> --namespace <namespace>  

Note: Your --namespace is usually the name right after your app name. For example:

http://appname-namespace.rhcloud.com  

Step 2 - Change directory

cd ~/app-root/data  

Step 3 - Reviewing Openshift File Structure

If you'd like to understand more about the Openshift file structure, here is an excellent diagram.

Openshift File


Create an SSL certificate for Godaddy

Before you generate a CSR, you need to first generate a private key. This private key will be installed on the server together with the issued certificate. A private key should never be shared with anyone and should be protected by a passphrase. There are two ways to generate the CSR and private key.

Step 4 - Create an RSA Private Key

The following command will generate a 2048 bit RSA Private Key and stores it in the file appName.key.

openssl genrsa -des3 -out myPrivKey.key 2048  

Step 5 - Create a Certificate Signing Request

After you have generated the private key, use the following command to generate the CSR.

openssl req -new -key myPrivKey.key -out myCert.csr  

Step 6 - Complete CSR Form

You will be prompted to enter the some of the following information in order to generate the private key and CSR pair off the web server

Country Name (2 letter code) [XX]: US

State or Province Name (full name) []: California

Locality Name (eg, city) [Default City]: Los Angeles

Organization Name (eg, company) [Default Company Ltd]: Chris Mendez Inc. 

Organizational Unit Name (eg, section) []: I SKIP THIS

Common Name (eg, your name or your server's hostname) []: www.chrisjmendez.com

Email Address []: mail@chrisaiv.com  

Step 7 - Copy and Paste

Once the private key and CSR files are generated, display the content of myCert.csr file. Copy the entire block, including the BEGIN and END lines and paste it into where the CSR is requested on the website where you purchased the SSL.

nano myCert.csr  

Step 8 - Download Private Key

Download your private key file and save it as myPrivKey.key on your computer. Later, you will need to add this key file together with the SSL certificate for your domain to your application.

nano myPrivKey.key  

Resources

Helpful Openshift SSH Commands