I recently had to renew the TLS certificate on csl.name, which is hosted on NearlyFreeSpeech (NFSN). But I had forgotten how to. So I decided to post a condensed version of the steps found here on my own site.
First I made a secret key on the NearlyFreeSpeech login server (aliases as
Using this, I made a certificate signing request (CSR). I left most fields
blank, except FQDN, which had to be
After buying the Comodo PositiveSSL certificate on NameCheap, pasting the CSR into their SSL wizard and completing the DCV verification (any method is fine), I got a ZIP-file containing the already bundled-up TLS certificate chain along with the certificate itself.
Next I copied the files over and verified them:
Note that this process failed locally, probably because I had an older version of OpenSSL.
The final step was to file a support request with NFSN to install the
certificate, which they promptly did. Just be sure that the
/home/protected/ssl directory contains the all the necessary files:
By the way, if you're thinking about doing this you may want to consider trying LetsEncrypt.org, which give you free TLS certificates. I don't know much about them, or how many browsers support their CA, and so on, but it's worth a shot.