SSL Certificates on webshops have been managed manually until now. This process is not error proof and can lead to incidents when certificates are not renewed in time.
A new process for automating this management and providing a dashboard has been devised. It is explained here.
A .key file typically contains the private key for an SSL/TLS certificate. To set up SSL certificate configuration using a .key file, you'll need to combine it with the corresponding certificate file (often in .crt or .pem format) and, optionally, any intermediate certificate authority (CA) certificates. Here are the general steps to set up SSL certificate configuration using a .key file:
If your certificate and intermediate certificates are in separate files, you may need to combine them into a single file. Typically, the order should be:
You can combine these files using a text editor or command-line tools like `cat` in Unix/Linux systems:
cat domain.key domain.crt intermediate.crt > combined.pem
Remember to keep your private key secure, as it is critical for the security of your SSL/TLS certificate.
Open the Certificate management part in the Back Office (Institution / Tools / Certificates)
Create a new certificate
Select "SSL" Certificate type
Insert the SSL Certificate files in the entry form
When uploading the new certificate the expiration date is parsed from SSL certificate. If retrieval is not possible an expiration date is asked for.
The whole process is explained in the video below
Open the Point of Sales interface, select a Sales Channel and select "SSL Management"
Select one of two choices:
Certificates can be managed directly in the certificates window where expiration dates are displayed.
Alerts are also displayed on the back office when a certificate is expired
In case you need to create a SSL certificate for Apple Pay first, please follow this additional process
Get an Apple merchant certificate from Apple
Click on "New" and "Apple Merchant identity" and store the certificate there
This will store the merchant certificate on the /wellknown path for Apple to see. Apple will provide you a SSL certificate in return