Send Your Self-Managed SSL Certificate to Uberflip

Follow

If you set up SSL on your Hub and have chosen to use a self-managed SSL certificate, you need to obtain and share the SSL certificate with us so that we can complete the SSL setup. Here's how.


 

Before You Begin

  • Throughout this article (and elsewhere in our documentation) we use the term "SSL". SSL has now been deprecated in favor of the newer TLS protocol, but "SSL" is still the more commonly used term when referring to encrypted web connections. To be clear, whenever we use "SSL", we technically mean "TLS" — you should no longer be using SSL on your website or your Hub.
  • To use self-managed SSL with your Hub, you must own an SSL certificate. If you do not have an SSL certificate yet, you will need to purchase one from a valid Certificate Authority (CA) vendor.

 

Generate a Certificate Signing Request (CSR)

Complete this step if you do not have an SSL certificate yet. If you already have an SSL certificate, proceed directly to the next step.

If you do not have an SSL certificate, you must purchase one from a Certificate Authority (CA). To do that, you'll need to provide the CA with a Certificate Signing Request (CSR). The CSR contains details about your domain and your organization that are required for the certificate.

To get the CSR, you have two options:

  • You can create your own CSR on your web server, or
  • Uberflip can create the CSR for you 

Option 1: Generate Your Own CSR

If you're comfortable with generating the CSR on your own web servers, simply go ahead and do so. Your organization's processes for generating a CSR and obtaining a certificate may require information about the server system on which the certificate will be installed. If this is the case, Uberflip's main server technologies are:

  • Apache
  • HAProxy
  • NGINX
  • Pound

Once you have generated the CSR, use it to purchase the SSL certificate, then share the certificate with Uberflip.

Option 2: Ask Uberflip to Generate the CSR

If you prefer for Uberflip to generate the CSR for you, please send us an email to support@uberflip.com, with the following details:

Subject:

CSR Request - [your custom domain]

Example: CSR Request - resources.mycompany.com

Body:

  • Common Name
    The fully qualified domain name (FQDN) of your server. This must match exactly what you type in your web browser or you will receive a name mismatch error.
    • Example: resources.mycompany.com
  • Organization
    The legal name of your organization. This should not be abbreviated and should include suffixes such as Inc, Corp, or LLC.
    • Example: MyCompany Inc.
  • Organizational Unit
    The division of your organization that will handle the certificate.
    • Example: IT Department
  • City/Locality
    The city where your organization is located.
    • Example: San Francisco
  • State/County/Region
    The state/region where your organization is located. This shouldn't be abbreviated.
    • Example: California
  • Country
    The two-letter ISO 3166-1 alpha-2 code for the country where your organization is located.
    • Example: US
  • Email address
    An email address used to contact your organization.
    • Example: admin@mycompany.com

Once we have generated the CSR on our servers, we'll make it available to you (along with the private key required to use it) using a secure link on a self-destructing, single-use file sharing service (Securesha.re). We will share this link with the email address from which we received the request.

Once you have the CSR, you can use it to purchase your SSL certificate from a Certificate Authority.

 

Send Your SSL Certificate to Uberflip

Because Uberflip is SaaS, your Hub and the content on it is delivered from our servers — even if visitors are accessing the Hub via your custom domain. As a result, Uberflip needs to install your self-managed SSL certificate on our servers, so you will need to send it to us.

Certificate Format

You can send us the certificate in any valid file format, but we prefer certificates in PEM format (i.e. certificate files with a .pem, .crt, .cer, or .key file extension). Since we can directly install PEM format certificates without needing to convert them, sending us the certificate in this format will allow us to complete your SSL setup faster.

Sending the SSL Certificate Securely

Because the SSL certificate is sensitive, you should use a secure method to send it to us. We recommend using a secure file sharing service to create a single-use download link that self-destructs once the file is downloaded. We like to use Secureshar.re, but if you prefer another service, you are welcome to use that instead.

Please make sure to include the following when sharing your SSL certificate with Uberflip:

  • The SSL certificate file: This is the certificate itself, i.e. the PEM file (or similar).
  • The private key: This is the encryption/decryption key required to use the certificate, and is generally a separate file (if you're not sure where to find your private key, see this article).

When you have generated a secure download link, please email it to support@uberflip.com. As soon as your certificate has been installed and your SSL setup completed, we will notify you by email.

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.