If you prefer not to use a CivicPlus-provided SSL certificate, you may opt to provide an SSL certificate of your choice. We currently accept all types of SSL certificates, including standard, wildcard, and multi-domain certificates. The following steps outline the process to obtain an SSL certificate from a certificate authority and provide this to CivicPlus in the necessary format.
When you provide an SSL certificate, deliverables for CivicPlus include:
PFX file
Password
Important Note:
CivicPlus does not generate the Certificate Signing Request (CSR) for customer-provided SSL certificates. This will allow you to control both the public and private keys.
When you provide a certificate for implementation on other servers, CivicPlus will need the new PFX file every time the certificate must re-key. Similarly, CivicPlus will need the new PFX file to renew certificates. You must provide these prior to the expiration date to prevent any certificate errors on the website.
The instructions in the article describe how to generate a PFX file. Other SSL certificate providers may have different processes for generating a PFX file. Please contact your SSL provider for specific instructions.
Instructions
The following instructions use the DigiCert Certificate Utility. The steps will appear differently on your specific server's operating system, but the process is similar.
Click Create CSR to generate a CSR (Certificate Signing Request):
Enter the details for the CSR:
Certificate Type: Select SSL
Common Name: Enter your site
Subject Alternative Names: Enter any other names for your site
Organization: Enter your company name
Department: Enter your department
City/State/County: Enter your address information
Key Size: Minimum of 2048-RSA encryption
Click Generate:
Click Copy CSR (this is the public key) and provide this to the certificate authority (CA):
Paste the CSR in the certificate request with the CA:
Download the signed certificate to your computer
Use the DigiCert utility and select Import to import the signed certificate:
Click Browse to locate the file on your computer (file ends in .cer):
Enter the friendly name for the certificate or accept the default name
Note:
The friendly name is not part of the certificate, but does identify the certificate.
Select Finish. The certificate will import and list under the SSL tab on the DigiCert Certificate Utility:
Select the certificate and click Export Certificate:
Select Yes, export the private key:
Note:
Check the PFX file and Include all certificates in the certification path if possible boxes.
Select Next:
Configure a complex Password (8 characters or more) for the certificate:
Note:
Please remember this password, you will need it in order for CivicPlus to import the certificate.
Select Next:
Click Finish:
Select OK on the confirmation pop-up:
Send the PFX file and password to CivicPlus using our online encrypted SSL submission form