- Product: Cross-Product
- Relevant for Installation Type: Multi-Tenant Direct, Dedicated-Direct, Total Care
In order to use a private domain name on a hosted server, ExLibris needs to upload a certificate to the hosted environment. This certificate needs to be issued to the private Domain Name Server (DNS) and signed by a recognized Certificate Authority (CA). At the present time, in order to obtain the signed certificate, ExLibris provides the customer with a Certificate Signing Request (CSR) and the customer returns a signed certificate to be uploaded.
The type of certificate that needs to be purchased varies by product, environment setup, and customer preference; if you are not certain what kind of certificate is required, please mention that when creating the case.
What is a CSR?
A CSR is a message sent from an applicant to a Certificate Authority in order to apply for a digital identity certificate. The CSR is produced from a public key together with identifying information from the applicant and is derived from a generated private key. The private key is not moved from the hosted environment and remains protected at all times.
Certificate production process:
- A request is received by ExLibris to use a custom domain name on a hosted environment via SSL.
- ExLibris staff will request identifying information from the customer to be used in the creation of the CSR.
- ExLibris will generate the CSR and provide it to the customer.
- The customer will pass the CSR to a certificate authority such as GoDaddy, GeoTrust, etc., with a request to receive a signed certificate.
Please verify that the certificate has SHA2 encryption or higher.
- The Customer will then pass the signed certificate to ExLibris to be uploaded to the hosted environment.
- Customer need to add the DNS entry of the new host name
The "Time to Live" (TTL) should be configured to no more than 5 minutes
Details required to generate the CSR
To generate the CSR, ExLibris will require the following information from the customer:
- Common Name: The fully-qualified domain name (FQDN), host name, or URL to apply to the certificate. (This URL should have a CNAME pointing to the environment’s domain name)
- Organization: The name under which the customer’s organization is legally registered
- Division: To differentiate between divisions within an organization
- Locality: Name of the city in which the customer’s organization is registered
- State or Province: Name of state or province where the customer’s organization is registered
- Country: The two-letter country code for the country in which the customer’s organization is registered
- Email Address: An email address to contact the organization. Usually the email address of the certificate administrator or IT department.
- Article last edited: 10-July-2017