In CloudBlue Commerce, you can generate a self-signed certificate or create a Certificate Signing Request (CSR) to get your certificate from a certificate authority (CA). In this chapter, the step sequence for both procedures is described.
Notes on certificates:
- In order to use an SSL certificate for a given domain, the domain must be set up for IP-based hosting.
- For your domains, you can use either a self-signed certificate or a certificate signed by a recognized CA. The self-signed certificate is valid and secure, but many clients prefer certificates signed by known CAs.
- If using an SSL certificate issued by a CA other than Thawte or Verisign, a root chain certificate is required to appropriately identify and authenticate the CA that has issued your SSL certificate.
- If the given domain has the www prefix enabled, you must set up your CSR or self-signed certificate with the www prefix included. If you do not, you will receive a warning message when trying to access the domain with the www prefix.
- You can use a wildcard SSL certificate to secure multiple subdomains with a single SSL certificate, reducing management time and cost. Using the wildcard notation (*.provider.com) allows you to extend security to all servers in your infrastructure.
Note: Wildcard SSL certificates do not protect multi-level domains. For example, a wildcard SSL certificate for *.provider.com will protect eu.provider.com, but will not protect fr.eu.provider.com.