Manual SSL | Lifeboat Help

Manual SSL Certificates

Lifeboat was built to make deploying SSL easy with Let's Encrypt, but there may be the need to use a manual SSL certificate. Since manual SSL certificates aren't the core of Lifeboat, the feature set is disabled by default. Open Preferences and select the "Advanced" tab. Check / select the "Manual SSL tools" checkbox to activate the Manual SSL features.

With manual SSL tools enabled a new "Manual SSL" sub-menu will display in the contextual (right-click) menu for the Domains & Subdomains list. When a certificate is installed, the Not After (expiration) date is shown as the last item in this menu.

Configuring Manual SSL

Lifeboat can generate a CSR (Certificate Signing Request) for a domain that is given to a SSL provider to create a SSL signing certificate. Select the domain that will need a CSR then right-click and select "Manage CSR".

If a CSR has already been generated, it will be displayed. If there is no CSR yet, a request form will be displayed. Fill out the form and click "Create" to generate a new Private Key and CSR. This action will replace any existing CSR or Private Key.

Provide the CSR to the SSL provider and follow their instructions for verification. When complete, the SSL provider will deliver a SSL Certificate.

To install this certificate for the domain, once again select the domain and right-click. Select "Manage Certificate" from the SSL sub-menu. Paste the entire certificate chain (there may be multiple --BEGIN CERTIFICATE-- sections) into the text area and click "Upload SSL Certificate".

Lifeboat will perform some validation on the certificate before activating SSL. First, Lifeboat will check the certificate domain matches the domain being configured. Should the domains not match the software will alert you, but does allow you to continue anyway. Next, Lifeboat will check the public keys match between the Private Key file and Certificate Bundle. Should the public keys not match, Lifeboat will not activate SSL.

When everything checks out, Lifeboat will activate SSL Force mode. This can be changed to "Enabled" mode by configuring the domain once Manual SSL has been completed.