RC Handbook

Welcome to the RC Handbook RC Site Sections RC Position Descriptions Digital Publishing Overview Web Development Overview RC Tech Stack & Software Communication & DH Resources

Production Documentation

Production & Publication Schedules File Management Preparing Files for Copyediting RC Copyediting Guide

Copyediting Instructions & Resources

Guide to Author Comments & Queries

Returning Copyedits & Accepting Changes

Romantic Circles House Style (for copyeditors)

Preparing Word Files for XML Conversion RC Text Encoding Initiative (TEI) Guidelines

TEI Coding Walkthrough

RC TEI Header

RC TEI Style

XSLT —> TEI to HTML & Corpus Transformations

Digital Publishing Guide

Creating the TOC and Author Pages

Uploading Files (SFTP + File System)

Importing Content to the Drupal CMS

Image and Media Sourcing Guide

Digital Proofing Guide

Publishing & Advertising

Technical Documentation

Drupal Overview

Admin Menus, Nav, & Basic Editing

Drupal Content Logics

Drupal Components

Feeds Importers + Config

Drupal Views

Drupal Assets (UI-based)

Media and Mapping

Drupal Maintenance (UI)

Acquia + Server Guide

LAMP Stack — Drupal's Web Infrastructure

Codebase, Database, Filebase

Acquia Environments — Dev, Stage, Prod + IDE

SSH Keys & Remote Server Access

MySQL Database

Composer — Updating & Maintaining the Site

SSL (Security) Certificate Renewal

Acquia Server Management

RC Git Guide

Installing Git and Cloning Repos

Using Git—An Overview

Jekyll + GitHub Pages Guide

Installing Jekyll + Dependencies

Jekyll Site Logics (Structure)

Jekyll Site Extended Features

Markdown Cheatsheet

Guide to RC's Coding and Markup Languages

Contributor Resources

Revision Checklist for Contributors RC Tagging Options RC House Style

SSL (Security) Certificate Renewal

SSL (Secure Sockets Layer) is the secure protocol that websites use to validate themselves to users and secure user data. Secure sites must display an SSL certificate, obtained through a CSR (Certificate Signing Request), to modern browsers to demonstrate their security status. SSL certificates must be periodically renewed in order to maintain the site’s security protocol (which enables the https site); at present, the longest certificate period available is one calendar year.

The RC site uses an affordable service called Comodo to furnish its SLL certificate once a year, though generally we purchase several years’ worth of renewals at a time. RC technical / assistant editors must go through the process of renewing these certificates once a year (currently, in mid-December).

This guide will walk you through the process:

When the SSL certificate is due for renewal, you (or a general editor) should recieve an e-mail (likely in late November). Log in to the Comodo site using the appropriate credentials (the general editors can provide them).Take any necessary steps to execute certificate renewal through Comodo’s CertPanel (accessed via the MyOrders panel). If a paid extension is required, contact a general editor for payment.
If a new CSR (Certificate Signing Request) is needed, generate one in Acquia Cloud by navigating to Prod / SSL / Generate CSR. This will generate a “Personal Key” string that you’ll upload to Comodo / CertPanel once the renewal transaction or process is complete.
Once the certificate is (re)issued, its status in CertPanel may say “Pending.” If so, you’ll need to re-validate your security status (i.e., prove that you have secure access to the site’s backend). Click on the “Pending” icon to open validation options.
Currently there is no “admin@romantic-circles.org” e-mail, which Comodo wants to use as the default validation. Change the validation/verification method to “http file upload.”
This should generate a new validation interface that will let you download a text file for verification. Download it.
Make sure your local git repository for the dev site is synced to the origin (“git pull”) and that you’re on a local branch that could be deployed to production.
In your local repo, navigate to: sites/devdesktop/romanticcircles-dev/docroot/.well- known/pki-validation/ (if you do not see the hidden folder “.well-known,” press SHIFT+COMMAND+[period key] to show all files). Copy the text (.txt) file you downloaded, without altering it, into this location (in the pki-validation folder).
This repository change will show up in your Git GUI (e.g., GitHub Desktop, GitKraken), if you’re using one. Commit the change and push it up to the Dev environment.
In Acquia Cloud Platform, you will see this commit in the task log on the Environments page. Once you do, deploy the dev code to the prod environment.
Once the code has deployed, return to the Comodo CertPanel tool. Click on the “search for file” validation button. If this succeeds, you’ll see a black screen with the secure text string. The CertPanel should now show “Validation Status: Valid.”
You’ll now have the option to download the certificate files from the bottom of the page. Do so. This downloads a zip file; once you unzip it, you’ll see several folders. All you need is the “Plain Text Files” folder.
Return to Acquia Cloud Platform. From the SSL page (under “Prod”), scroll to the “Certificate Signing Requests” section. Click on “Install” next to the CSR you just generated.
This will bring up a page with 3 fields. Your CSR “Private Key” should automatically appear in the middle field if this is a new certificate; if you see it, move on. If the field is blank, you’ve likely renewed an existing certificate, and you’ll need to pull the Private Key from the certificate being renewed. Click on the three-dot menu next to the old cert at the bottom of the page and select “View,” then copy ALL text in the “RSA Private Key” field after you click “Show.”
From the Comodo certificate “Plain Text” folder, cut and paste ALL of the text in the “romantic-circles_org.txt” file into the top “SSL Certificate” field. Then cut and paste ALL of the text in the “CA bundle.txt” file into the bottom “CA Intermediate Certificates” field.
Click “Install” at the bottom of the page. Once the certificate is successfully installed, you must activate it. Simply click “Activate” next to the new certificate on the SSL dashboard. Any older certificates will be automatically deactivated (and can be deleted).

Congrats: You’re done! To confirm the certificates are working, visit both https://romantic-circles.org and https://www.romantic-circles.org.