Difference between revisions of "Enom SSL Certificates"

From WHMCS Documentation

(Setting up the Product)
(Reissuing)
 
(29 intermediate revisions by 7 users not shown)
Line 1: Line 1:
This module allows you to automate SSL Certificate sales with the Enom platform. This allows you to offer the following types of certificate:
+
==Supported Certificate Types==
 +
 
 +
This module automates SSL certificate sales through Enom. This allows you to offer the following types of certificate:
  
 
*GeoTrust QuickSSL
 
*GeoTrust QuickSSL
Line 7: Line 9:
 
*GeoTrust TrueBizID EV
 
*GeoTrust TrueBizID EV
 
*RapidSSL
 
*RapidSSL
*SBS Secure
+
*Comodo Essential
*SBS Secure Plus
+
*Comodo Instant
*SBS Instant
+
*Comodo Premium Wildcard
*SBS EV
+
*Comodo Essential Wildcard
*SBS SGC EV
+
*Comodo EV
 +
*Comodo EV SGC
 
*VeriSign Secure Site
 
*VeriSign Secure Site
 
*VeriSign Secure Site Pro
 
*VeriSign Secure Site Pro
Line 17: Line 20:
 
*VeriSign Secure Site Pro EV
 
*VeriSign Secure Site Pro EV
  
==Setting up the Product==
+
==Setting Up Enom Products==
  
To setup an SSL certificate product, follow the steps below.
+
<html><a href="https://www.youtube.com/watch?v=frXGunb2vY0&hd=1" class="docs-video-tutorial"><em>Watch the video tutorial for this feature.</em><span>&nbsp;<img src="https://assets.whmcs.com/icons/youtube.png">&nbsp;</span></a></html>
  
# Create a product as normal - name, description, no domain options, etc...
+
To set up an SSL certificate product:
# Set the billing cycle to One Time and price as the base price for this certificate
 
# Ensure the welcome email is set to "None" in the dropdown menu as the module sends it's own email
 
# On the module settings tab, choose "Enomssl"
 
# Now enter your enom login details and choose the certificate type and length being offered with this product in the fields displayed
 
# Additionally, you can let the client choose these options on the order form and alter the price accordingly using configurable options. The option names supported to override the default settings are "Certificate Type" and/or "Years" - you can use both, just the years option or even neither.
 
  
===Multiple Years===
+
# Create a product normally.
As mentioned above you can allow clients to choose how long the certificate is registered for. To do this you set the product up as normal with a one time cycle and base price of zero.
+
# Set the billing cycle to ''One Time''.
 +
# Set the price.
 +
# Set the welcome email to ''None''.
 +
# In the '''Module Settings''' tab, select ''Enomssl''.
 +
# Enter your Enom credentials.
 +
# Choose the certificate type and length to offer.
 +
# Optionally, configure the product to allow clients to choose a different certificate type and pricing using a <tt>Certificate Type</tt> [[Configurable_Options|configurable option]].
  
Then in Setup > Configurable Options create an option group and in it add an option named "Years" with a dropdown of the year options and prices in the monthly field.
+
<div class="docs-alert-warning">
 +
<span class="title">Register your IP Address with Enom</span><br />
 +
Because access to Enom's API is IP address-restricted, you must register the IP address from which you will connect your account. For more information, see '''IP Address Registration''' below.
 +
</div>
  
That then shows on the product configuration screen for the user to choose from when ordering and the price charged is the value of the option selected.
+
==IP Address Registration (User not permitted from this IP address)==
 +
 
 +
To use the Enom API, you must first contact them with the server IP address from which you will be connecting (your WHMCS installation's server IP address). This is a security precaution.
 +
 
 +
To do this:
 +
 
 +
* Log in to your account on the [https://www.enom.com/resellers/reseller-account.aspx Enom website].
 +
* Go to '''Resellers > Manage > API'''.
 +
* Enter your server's IP address in '''New'''.
 +
* Click "add".
  
 
==The Order Process==
 
==The Order Process==
  
The product will appear in the order process as a regular product which can be added to the cart.  No configuration is performed before purchase. Once purchased, paid for, and activated, the user is sent an email containing a link which takes them to configure the certificate in the client area.  Once all details have been provided, the configuration data is sent to the Certificate Authority for validation. No manual intervention is required from you.
+
The product will appear in the order process as a regular product that clients can add to the cart.  The system will not perform any configuration before purchase.
 +
 
 +
After purchase, payment, and activation, the client will receive an email linking to certificate configuration in the Client Area. After the client sets the configuration, the system sends this data to the Certificate Authority for validation. After the Certificate Authority issues the certificate, the client will receive an email with instructions to install it on their hosting account.
  
 
==Renewal==
 
==Renewal==
  
Due to limitations in Enom's API, SSL certificates cannot be renewed. Therefore your clients will need to place a new order when the certificate period ends and it's due for renewal. This is why we recommend setting up as a one time product in WHMCS.
+
Due to limitations in Enom's API, the system cannot renew SSL certificates. Clients must place a new order when the certificate period ends. Because of this, we recommend setting this up as a one-time product in WHMCS.
 +
 
 +
==Reissuing==
 +
 
 +
Typically, the certificate issuer is able to reissue a certificate. The process varies depending on the company from which you purchased your SSL certificate. 
 +
 
 +
<div class="docs-alert-danger">
 +
<span class="title">The Heartbleed Bug</span><br />
 +
If you are experiencing problems due to the Heartbleed Bug in OpenSSL, re-key your SSL certificates (below). For more information, see [http://blog.whmcs.com our blog post regarding Heartbleed].
 +
</div>
 +
 
 +
You will need the following information to complete a reissuance:
 +
 
 +
* Your full SSL domain name or order ID. If your SSL certificate included <tt>www</tt>, make certain to include it.
 +
* A new CSR request containing the exact same information as the original order.
 +
* The email address for the order. You must have access to this address.
 +
 
 +
 +
===Symantec (GeoTrust & RapidSSL)===
 +
 
 +
GeoTrust SSL certificates include free reissues and replacements for the lifetime of the certificate. GeoTrust will reissue or replace SSL certificates that have not expired for the exact same Fully-Qualified Domain Name (FQDN). To qualify for reissuance, all existing core SSL certificate details must remain the same (including the FQDN).
 +
 
 +
* GeoTrust provides [https://products.geotrust.com/orders/orderinformation/authentication.do a self-service portal] that allows you to do this.
 +
* You must use the '''admin email''' and not the approver email.
 +
 
 +
===Comodo===
 +
 
 +
For Comodo SSL certificates, reissuing is a manual process.  To initiate this, you must [https://www.enom.com/help/Default.aspx open a support ticket with eNom] and include the required details above.
 +
 
 +
Comodo also allows the option to change the common name on certificate from, for example, <tt>www.example.com</tt> to <tt>secure.example.com</tt>. The subdomain can change but not domain.
 +
 
 +
==Errors==
 +
===User not permitted from this IP address===
 +
This error indicates that you must contact Enom with the server IP address from which you will be connecting (your WHMCS installation's server IP address). This is a security precaution.
  
==Error: Invalid Client IP==
+
===Bad User name or Password===
In order to use the Enomssl API, you must first contact them and let them know the server IP address where you will be connecting from (the server IP address where you have WHMCS installed). This is part of Enom's security measures to prevent unauthorised users being able to submit registration requests to your account.
+
This error indicates that the username and password in the '''Module Settings''' tab may not match your Enom login details. If '''TestMode''' is enabled, make certain that you have [http://docs.whmcs.com/Enom#Test_Mode registered it on the test server].
  
----
+
<div class="docs-alert-info">
Discuss this feature: [[Talk:Enom_SSL_Certificates]]
+
The module's <tt>create</tt> function does not generate a username and password. The username and password fields will be blank under the client's '''[[Clients:Products/Services Tab|Products/Services]]''' tab.
 +
</div>

Latest revision as of 17:37, 28 December 2022

Supported Certificate Types

This module automates SSL certificate sales through Enom. This allows you to offer the following types of certificate:

  • GeoTrust QuickSSL
  • GeoTrust QuickSSL Premium
  • GeoTrust TrueBizID
  • GeoTrust TrueBizID Wildcard
  • GeoTrust TrueBizID EV
  • RapidSSL
  • Comodo Essential
  • Comodo Instant
  • Comodo Premium Wildcard
  • Comodo Essential Wildcard
  • Comodo EV
  • Comodo EV SGC
  • VeriSign Secure Site
  • VeriSign Secure Site Pro
  • VeriSign Secure Site EV
  • VeriSign Secure Site Pro EV

Setting Up Enom Products

Watch the video tutorial for this feature.  

To set up an SSL certificate product:

  1. Create a product normally.
  2. Set the billing cycle to One Time.
  3. Set the price.
  4. Set the welcome email to None.
  5. In the Module Settings tab, select Enomssl.
  6. Enter your Enom credentials.
  7. Choose the certificate type and length to offer.
  8. Optionally, configure the product to allow clients to choose a different certificate type and pricing using a Certificate Type configurable option.

Register your IP Address with Enom
Because access to Enom's API is IP address-restricted, you must register the IP address from which you will connect your account. For more information, see IP Address Registration below.

IP Address Registration (User not permitted from this IP address)

To use the Enom API, you must first contact them with the server IP address from which you will be connecting (your WHMCS installation's server IP address). This is a security precaution.

To do this:

  • Log in to your account on the Enom website.
  • Go to Resellers > Manage > API.
  • Enter your server's IP address in New.
  • Click "add".

The Order Process

The product will appear in the order process as a regular product that clients can add to the cart. The system will not perform any configuration before purchase.

After purchase, payment, and activation, the client will receive an email linking to certificate configuration in the Client Area. After the client sets the configuration, the system sends this data to the Certificate Authority for validation. After the Certificate Authority issues the certificate, the client will receive an email with instructions to install it on their hosting account.

Renewal

Due to limitations in Enom's API, the system cannot renew SSL certificates. Clients must place a new order when the certificate period ends. Because of this, we recommend setting this up as a one-time product in WHMCS.

Reissuing

Typically, the certificate issuer is able to reissue a certificate. The process varies depending on the company from which you purchased your SSL certificate.

The Heartbleed Bug
If you are experiencing problems due to the Heartbleed Bug in OpenSSL, re-key your SSL certificates (below). For more information, see our blog post regarding Heartbleed.

You will need the following information to complete a reissuance:

  • Your full SSL domain name or order ID. If your SSL certificate included www, make certain to include it.
  • A new CSR request containing the exact same information as the original order.
  • The email address for the order. You must have access to this address.


Symantec (GeoTrust & RapidSSL)

GeoTrust SSL certificates include free reissues and replacements for the lifetime of the certificate. GeoTrust will reissue or replace SSL certificates that have not expired for the exact same Fully-Qualified Domain Name (FQDN). To qualify for reissuance, all existing core SSL certificate details must remain the same (including the FQDN).

  • GeoTrust provides a self-service portal that allows you to do this.
  • You must use the admin email and not the approver email.

Comodo

For Comodo SSL certificates, reissuing is a manual process. To initiate this, you must open a support ticket with eNom and include the required details above.

Comodo also allows the option to change the common name on certificate from, for example, www.example.com to secure.example.com. The subdomain can change but not domain.

Errors

User not permitted from this IP address

This error indicates that you must contact Enom with the server IP address from which you will be connecting (your WHMCS installation's server IP address). This is a security precaution.

Bad User name or Password

This error indicates that the username and password in the Module Settings tab may not match your Enom login details. If TestMode is enabled, make certain that you have registered it on the test server.

The module's create function does not generate a username and password. The username and password fields will be blank under the client's Products/Services tab.

Retrieved from "http://3.17.75.209/index.php?title=Enom_SSL_Certificates&oldid=33799"