For a Custom URL or subdomain request, please attach the following files to the SES Support Ticket:  


The CSR, Private Key and the SSL Certificate (.crt, .chain and .key extension)

Name of requested URL ______________________________________

Primary Domain ____________________________________________


Here's an example of the 4 files needed:  

    marketplace.test-domain.crt

    marketplace.test-domain.chain

    marketplace.test-domain.key

    marketplace.test-domain.req


You can use can an online CSR & Key Generator or Wizard, such as https://decoder.link/csr_generator or https://csrgenerator.com  If you are not able to generate a CSR and Private Key for the desired subdomain, please ask your website Host provider to create the files for you.   If you were able to generate the CSR and Key files, please submit the CSR to a Certificate Authority - CA, (which can be your host provider such as Go Daddy)  to create the SSL Certificate.  The certificate type should be for Apache/Nginx servers.  And, if an IP address is required, please use - 35.231.84.10  


*Very Important! The Private Key and CSR files must match the SSL Cert.  Any mismatch of the files will create delays.


Please Note:  Tech Data will be host for the subdomain/custom URL, so do not pay for Hosting services for your subdomain and do not pay for expensive SSL or Wildcard SSL's.  If you currently have a Wildcard SSL on your primary domain, Engineering will accept the Wildcard, however you will need to provide your Private Key.  

Also note:  Tech Data Engineering team will install the Certs on our Servers, not your servers, not your Host provider servers via cPanel. (Step away from the cPanel!)  




If you have questions about CSR, Private Keys and SSL Certs, I have provided information, links and a video below:


CSR (Certificate Signing Request)

A CSR is an encoded file that provides you with a standardized way to send DigiCert your public key as well as some information that identifies your company and domain name. When you generate a CSR, most server software asks for the following information: common name (e.g., www.example.com), organization name and location (country, state/province, city/town), key type (typically RSA), and key size (2048-bit minimum).  CSRs are used in the process of public key cryptography, which is used to validate identities on the Internet.   A requestor could use tools like a CSR Generator to create the CSR and Key files, but be sure to send the files to an SSL provider like Go Daddy to create the SSL Cert file.  


REQ Files

A REQ file is a file used in the process of setting up a digital certificate. It stores a Certificate Signing Request (CSR), which includes information that uniquely identifies the initiator of the request. REQ files are sent to trusted entities (certificate authorities) who use the requests to generate valid digital certificates for the requesters.  The “.key ” file is required for Engineering to install the SSL cert on the server.   For more information regarding CSR and REQ files, please see Creating a Certificate Signing Request (CSR) on YouTube.  I recommend stopping the video after 2:09 minutes as the rest of the video is intended for the Engineering team.


What is contained in a CSR?

Common Name: The FQDN (fully-qualified domain name) you want to secure with the certificate (Examples: secure.website.org, *.domain.net, ses.monicacloudadmin.com).

Organization: The full legal name of your organization including the corporate identifier.

Organization Unit (OU): Your department such as ‘Information Technology’ or ‘Website Security.’

City or Locality: The locality or city where your organization is legally incorporated. Do not abbreviate.

State or Province: The state or province where your organization is legally incorporated. Do not abbreviate.

Country: The official two-letter country code (i.e. US, CH) where your organization is legally incorporated.


Here's an example of a CSR Generator:



  

Certificate Authority (CA) 

If have the required files, now it's time to forward the files to and certificate authority (CA), which can be your primary domain Hosting service or SSL provider, such as Go Daddy.   A certificate authority (CA) is an entity that is trusted to sign, issue, distribute and revoke digital certificates.  The majority of digital certificates serve two main functions:

    1. It verifies the identity of the applicant. With digital certificates, you can be ensured the entities (websites, companies, individuals, etc.) with whom you are interacting are really who they say they are. It binds a public key to an entity.

    2. It encrypts the data transferred between two systems so data can only be interpreted by the intended receiver.


SSL Certificates

An SSL certificate, or secure certificate, is a file installed on a secure Web server (Tech Data's server in this instance)  that identifies a website. This digital certificate establishes the identity and authenticity of the company or merchant so that online shoppers can trust that the website is secure and reliable. In order to verify that these sites are legitimate (they are who they say they are), the companies and their websites are verified by a third party, such as Verisign or Thawte.


Because digital certificates verify a company's current status, they do not last forever. SSL certificates typically expire every one to three years. If the certificate is not renewed in time, you may see an alert box pop up that says "This website's certificate has expired."


Reminder:  Please attach all 4 files to the SES Support ticket.  


Please open a SES Freshdesk ticket if assistance is needed.