Difference between revisions of "Enom SSL Certificates"
m (→Multiple Years) |
(→Reissuing) |
||
(9 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
==Supported Certificate Types== | ==Supported Certificate Types== | ||
− | This module | + | This module automates SSL certificate sales through Enom. This allows you to offer the following types of certificate: |
*GeoTrust QuickSSL | *GeoTrust QuickSSL | ||
Line 20: | Line 20: | ||
*VeriSign Secure Site Pro EV | *VeriSign Secure Site Pro EV | ||
− | ==Setting | + | ==Setting Up Enom Products== |
− | + | <html><a href="https://www.youtube.com/watch?v=frXGunb2vY0&hd=1" class="docs-video-tutorial"><em>Watch the video tutorial for this feature.</em><span> <img src="https://assets.whmcs.com/icons/youtube.png"> </span></a></html> | |
+ | To set up an SSL certificate product: | ||
− | + | # Create a product normally. | |
− | + | # Set the billing cycle to ''One Time''. | |
− | # Create a product | + | # Set the price. |
− | # Set the billing cycle to One Time | + | # Set the welcome email to ''None''. |
− | # | + | # In the '''Module Settings''' tab, select ''Enomssl''. |
− | # | + | # Enter your Enom credentials. |
− | # | + | # Choose the certificate type and length to offer. |
− | # | + | # Optionally, configure the product to allow clients to choose a different certificate type and pricing using a <tt>Certificate Type</tt> [[Configurable_Options|configurable option]]. |
<div class="docs-alert-warning"> | <div class="docs-alert-warning"> | ||
− | <span class="title">Register your IP with | + | <span class="title">Register your IP Address with Enom</span><br /> |
− | + | Because access to Enom's API is IP address-restricted, you must register the IP address from which you will connect your account. For more information, see '''IP Address Registration''' below. | |
</div> | </div> | ||
− | ==IP Registration (User not permitted from this IP address)== | + | ==IP Address Registration (User not permitted from this IP address)== |
− | + | To use the Enom API, you must first contact them with the server IP address from which you will be connecting (your WHMCS installation's server IP address). This is a security precaution. | |
− | * | + | |
− | * | + | To do this: |
− | * Enter your server's IP address | + | |
+ | * Log in to your account on the [https://www.enom.com/resellers/reseller-account.aspx Enom website]. | ||
+ | * Go to '''Resellers > Manage > API'''. | ||
+ | * Enter your server's IP address in '''New'''. | ||
* Click "add". | * Click "add". | ||
− | === | + | ==The Order Process== |
− | + | ||
+ | The product will appear in the order process as a regular product that clients can add to the cart. The system will not perform any configuration before purchase. | ||
+ | |||
+ | After purchase, payment, and activation, the client will receive an email linking to certificate configuration in the Client Area. After the client sets the configuration, the system sends this data to the Certificate Authority for validation. After the Certificate Authority issues the certificate, the client will receive an email with instructions to install it on their hosting account. | ||
+ | |||
+ | ==Renewal== | ||
+ | |||
+ | Due to limitations in Enom's API, the system cannot renew SSL certificates. Clients must place a new order when the certificate period ends. Because of this, we recommend setting this up as a one-time product in WHMCS. | ||
+ | |||
+ | ==Reissuing== | ||
− | + | Typically, the certificate issuer is able to reissue a certificate. The process varies depending on the company from which you purchased your SSL certificate. | |
− | + | <div class="docs-alert-danger"> | |
+ | <span class="title">The Heartbleed Bug</span><br /> | ||
+ | If you are experiencing problems due to the Heartbleed Bug in OpenSSL, re-key your SSL certificates (below). For more information, see [http://blog.whmcs.com our blog post regarding Heartbleed]. | ||
+ | </div> | ||
− | + | You will need the following information to complete a reissuance: | |
− | == | + | * Your full SSL domain name or order ID. If your SSL certificate included <tt>www</tt>, make certain to include it. |
+ | * A new CSR request containing the exact same information as the original order. | ||
+ | * The email address for the order. You must have access to this address. | ||
+ | |||
+ | |||
+ | ===Symantec (GeoTrust & RapidSSL)=== | ||
+ | |||
+ | GeoTrust SSL certificates include free reissues and replacements for the lifetime of the certificate. GeoTrust will reissue or replace SSL certificates that have not expired for the exact same Fully-Qualified Domain Name (FQDN). To qualify for reissuance, all existing core SSL certificate details must remain the same (including the FQDN). | ||
− | + | * GeoTrust provides [https://products.geotrust.com/orders/orderinformation/authentication.do a self-service portal] that allows you to do this. | |
+ | * You must use the '''admin email''' and not the approver email. | ||
− | == | + | ===Comodo=== |
− | + | For Comodo SSL certificates, reissuing is a manual process. To initiate this, you must [https://www.enom.com/help/Default.aspx open a support ticket with eNom] and include the required details above. | |
− | + | Comodo also allows the option to change the common name on certificate from, for example, <tt>www.example.com</tt> to <tt>secure.example.com</tt>. The subdomain can change but not domain. | |
− | |||
==Errors== | ==Errors== | ||
===User not permitted from this IP address=== | ===User not permitted from this IP address=== | ||
− | + | This error indicates that you must contact Enom with the server IP address from which you will be connecting (your WHMCS installation's server IP address). This is a security precaution. | |
===Bad User name or Password=== | ===Bad User name or Password=== | ||
− | + | This error indicates that the username and password in the '''Module Settings''' tab may not match your Enom login details. If '''TestMode''' is enabled, make certain that you have [http://docs.whmcs.com/Enom#Test_Mode registered it on the test server]. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
<div class="docs-alert-info"> | <div class="docs-alert-info"> | ||
− | < | + | The module's <tt>create</tt> function does not generate a username and password. The username and password fields will be blank under the client's '''[[Clients:Products/Services Tab|Products/Services]]''' tab. |
− | |||
</div> | </div> |
Latest revision as of 17:37, 28 December 2022
Contents
Supported Certificate Types
This module automates SSL certificate sales through Enom. This allows you to offer the following types of certificate:
- GeoTrust QuickSSL
- GeoTrust QuickSSL Premium
- GeoTrust TrueBizID
- GeoTrust TrueBizID Wildcard
- GeoTrust TrueBizID EV
- RapidSSL
- Comodo Essential
- Comodo Instant
- Comodo Premium Wildcard
- Comodo Essential Wildcard
- Comodo EV
- Comodo EV SGC
- VeriSign Secure Site
- VeriSign Secure Site Pro
- VeriSign Secure Site EV
- VeriSign Secure Site Pro EV
Setting Up Enom Products
Watch the video tutorial for this feature.
To set up an SSL certificate product:
- Create a product normally.
- Set the billing cycle to One Time.
- Set the price.
- Set the welcome email to None.
- In the Module Settings tab, select Enomssl.
- Enter your Enom credentials.
- Choose the certificate type and length to offer.
- Optionally, configure the product to allow clients to choose a different certificate type and pricing using a Certificate Type configurable option.
Register your IP Address with Enom
Because access to Enom's API is IP address-restricted, you must register the IP address from which you will connect your account. For more information, see IP Address Registration below.
IP Address Registration (User not permitted from this IP address)
To use the Enom API, you must first contact them with the server IP address from which you will be connecting (your WHMCS installation's server IP address). This is a security precaution.
To do this:
- Log in to your account on the Enom website.
- Go to Resellers > Manage > API.
- Enter your server's IP address in New.
- Click "add".
The Order Process
The product will appear in the order process as a regular product that clients can add to the cart. The system will not perform any configuration before purchase.
After purchase, payment, and activation, the client will receive an email linking to certificate configuration in the Client Area. After the client sets the configuration, the system sends this data to the Certificate Authority for validation. After the Certificate Authority issues the certificate, the client will receive an email with instructions to install it on their hosting account.
Renewal
Due to limitations in Enom's API, the system cannot renew SSL certificates. Clients must place a new order when the certificate period ends. Because of this, we recommend setting this up as a one-time product in WHMCS.
Reissuing
Typically, the certificate issuer is able to reissue a certificate. The process varies depending on the company from which you purchased your SSL certificate.
The Heartbleed Bug
If you are experiencing problems due to the Heartbleed Bug in OpenSSL, re-key your SSL certificates (below). For more information, see our blog post regarding Heartbleed.
You will need the following information to complete a reissuance:
- Your full SSL domain name or order ID. If your SSL certificate included www, make certain to include it.
- A new CSR request containing the exact same information as the original order.
- The email address for the order. You must have access to this address.
Symantec (GeoTrust & RapidSSL)
GeoTrust SSL certificates include free reissues and replacements for the lifetime of the certificate. GeoTrust will reissue or replace SSL certificates that have not expired for the exact same Fully-Qualified Domain Name (FQDN). To qualify for reissuance, all existing core SSL certificate details must remain the same (including the FQDN).
- GeoTrust provides a self-service portal that allows you to do this.
- You must use the admin email and not the approver email.
Comodo
For Comodo SSL certificates, reissuing is a manual process. To initiate this, you must open a support ticket with eNom and include the required details above.
Comodo also allows the option to change the common name on certificate from, for example, www.example.com to secure.example.com. The subdomain can change but not domain.
Errors
User not permitted from this IP address
This error indicates that you must contact Enom with the server IP address from which you will be connecting (your WHMCS installation's server IP address). This is a security precaution.
Bad User name or Password
This error indicates that the username and password in the Module Settings tab may not match your Enom login details. If TestMode is enabled, make certain that you have registered it on the test server.
The module's create function does not generate a username and password. The username and password fields will be blank under the client's Products/Services tab.