- Product: Cross-Product
- Relevant for Installation Type: Multi-Tenant Direct, Dedicated-Direct, Total Care
In order to use a private domain name on a hosted server, ExLibris needs to upload a certificate to the hosted environment. This certificate needs to be issued to the private Domain Name Server (DNS) and signed by a recognized Certificate Authority (CA). At the present time, in order to obtain the signed certificate, ExLibris provides the customer with a Certificate Signing Request (CSR) and the customer returns a signed certificate to be uploaded.
The type of certificate that needs to be purchased varies by product, environment setup, and customer preference; if you are not certain what kind of certificate is required, please mention that when creating the case.
This article is only required for the initial setup of custom domains on Ex Libris hosted environments, for RENEWAL of existing setups you will be notified by Ex Libris that your certificate is about to expire. The notification will include the necessary steps required.
What is a CSR?
A CSR is a message sent from an applicant to a Certificate Authority in order to apply for a digital identity certificate. The CSR is produced from a public key together with identifying information from the applicant and is derived from a generated private key. The private key is not moved from the hosted environment and remains protected at all times.
Certificate production process:
- A request is received by ExLibris to use a custom domain name on a hosted environment via SSL.
- ExLibris staff will request identifying information from the customer to be used in the creation of the CSR.
- ExLibris will generate the CSR and provide it to the customer.
- The customer will pass the CSR to a certificate authority such as GoDaddy, GeoTrust, etc., with a request to receive a signed certificate.
Please verify that the certificate has SHA2 encryption or higher.
- The Customer will then pass the signed certificate to ExLibris to be uploaded to the hosted environment.
- Customer need to add the DNS entry of the new host name as a CNAME.
The "Time to Live" (TTL) should be configured to no more than 5 minutes
Details required to generate the CSR
To generate the CSR, ExLibris will require the following information from the customer:
- Common Name: The fully-qualified domain name (FQDN), host name, or URL to apply to the certificate. (This URL should have a CNAME pointing to the environment’s domain name)
- Organization: The name under which the customer’s organization is legally registered
- Division: To differentiate between divisions within an organization
- Locality: Name of the city in which the customer’s organization is registered
- State or Province: Name of state or province where the customer’s organization is registered
- Country: The two-letter country code for the country in which the customer’s organization is registered
- Email Address: An email address to contact the organization. Usually the email address of the certificate administrator or IT department.
- Article last edited: 10-July-2017