NetSuite Tips: Installing an SSL Certificate on SuiteCommerce

The importance of ensuring your website has an active SSL connection has never been more prevalent. In July 2018 Google Chrome (roughly owns a 50% market share of browsers used in the UK) started displaying websites with an “untrusted error” as well as Google actively saying an SSL certificate will help with organic ranking in their search results.
As well as the added benefits from search engines, their primary purpose is to keep important information/data safe. By encrypting the data customers enter on your website, you’re keeping their personal information secure such as bank details, address, contact information and anything they enter. With a surge of websites switching to HTTPs, it’s now estimated over 73% of webpages load up with a secure connection. Not all websites do however and some big brands haven’t made the switch yet, meaning customers are greeted with the page below when trying to access a secure connection.

Create a Private Key

We’re going to go ahead and presume you’ve purchased your SSL certificate from a reliable source, we tend to use GoDaddy SSL, however, any reputable company offering an SSL should do, you can even get a free SSL from Lets Encrypt.
Firstly you’re going to need download and install OpenSSL which is a toolkit for the Transport Layer Security or TLS. Once installed we can start the process of creating a private key;

  1. Open a command prompt on your desktop. You can do this by clicking Start > Accessories > Command Prompt, or type CMD into the Search/Run function of windows.
  2. Type C: then enter to change your directory
  3. Type openssl and enter
  4. Copy and paste the following code changing “sub.mydomainkey” to your subdomain and main domain

genrsa –des3 –out <sub.mydomainkey>.key 2048
Once you have completed these steps you will be required to enter a secure phrase. It’s very important you keep a record of this as it’s your password which protects your private key.

Generating a CSR (Certificate Signing Request)

When generating a new CSR the SSL provider may have specific instructions or guidelines. To generate the CSR;

  1. Open a command prompt on your desktop. You can do this by clicking Start > Accessories > Command Prompt, or type CMD into the Search/Run function of windows.
  2. Type C: then enter to change your directory
  3. Type openssl and enter
  4. Copy and paste the following code changing “sub.mydomainkey” to your subdomain and main domain

req –new –key <sub.mydomainkey>.key –out <sub.mydomainkeycsr>.csr
After this, you will be required to enter some information about your business and website. This will be;
[/vc_column_text][vc_row_inner][vc_column_inner][gem_table style=”3″ row_headers=”1″]

Name
Explanation
Example
Common Name The fully qualified domain name (FQDN) of your server. This must match what you type in your browser, if not then this will result in a mismatch error. https://noblue.co.uk
Organisation This is the legal name of your business. This should not be abbreviated and should be the full registered name, if you’re struggling then search your businesses name on https://beta.companieshouse.gov.uk/ NoBlue Limited
Organisation Unit The division/industry of your business Information technology consultancy activities
City/Locality The city your business is located Nottingham
State/County/Region The county/region your business is located Nottinghamshire
Country This is the two-letter ISO code of the country your business is located GB
Email Address An email address for contact purposes info@noblue.co.uk
Public Key The public key that will go into the certificate Generated automatically

[/gem_table][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row]
If done correctly you should now have the following two files in C:\OpenSSL\bin sub.mydomainkey and sub.mydomainkeycsr.csr. Your CSR should look something like this;
-----BEGIN CERTIFICATE REQUEST-----
MIIByjCCATMCAQAwgYkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMR8w
HQYDVQQLExZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MRcwFQYDVQQDEw53d3cuZ29v
Z2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApZtYJCHJ4VpVXHfV
IlstQTlO4qC03hjX+ZkPyvdYd1Q4+qbAeTwXmCUKYHThVRd5aXSqlPzyIBwieMZr
WFlRQddZ1IzXAlVRDWwAo60KecqeAXnnUK+5fXoTI/UgWshre8tJ+x/TMHaQKR/J
cIWPhqaQhsJuzZbvAdGA80BLxdMCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAIhl
4PvFq+e7ipARgI5ZM+GZx6mpCz44DTo0JkwfRDf+BtrsaC0q68eTf2XhYOsq4fkH
Q0uA0aVog3f5iJxCa3Hp5gxbJQ6zV6kJ0TEsuaaOhEko9sdpCoPOnRBm2i/XRD2D
6iNh8f8z0ShGsFqjDgFHyF3o+lUyj+UC6H1QW7bn
-----END CERTIFICATE REQUEST-----

Requesting a Certificate

This process varies for different SSL providers but they all follow the same principle.
As we use GoDaddy we login into our account and go the SSL section. Other SSL providers might be different but GoDaddy is quite straightforward. One we’ve purchased an SSL we select “set up” to be taken to a new page.

From the example you can see above, we’ve taken the CSR which we generated earlier and pasted it into the box “Provide a certificate signing request (CSR)” which then populates the domain name based on the information you provided earlier. To confirm this there are terms and conditions you have to agree to, once you’ve read through those you can request your certificate.
You may need to verify domain ownership if it was purchased from another domain provider. To do this you have two options;

  1. HTML Page – Uploading a unique ID and creating a directory /.well-know/pki-validation/ in the highest level directory of your website and uploading the page as .godaddy.html
  2. DNS Record – You receive an email with a TXT value which you need to create in your domain names DNS zone file.

GoDaddy state this can take 5-10 minutes, other SSL providers may say it takes longer to verify. As soon as it is verified we’re able to retrieve our SSL certificate.
After retrieving the SSL we should have;

  • The certificate signing request file (csr)
  • The private key file (.key)
  • The SSL certificate (sub.mydomain.crt)
  • The intermediate certificate (sub.mydomain_ca.crt)

From this list, we will only need the private key, sub.mydomain.crt and sub.mydomain_ca.crt.

Activating your SSL Certificate within NetSuite

Having generated the relevant files, now we need to log into the NetSuite dashboard with an administrative role for the domain/subdomain we’re wanting to add the SSL certificate too. Once logged in navigate to Documents > Files > File Cabinet and then select SSL Certificates in the left-hand menu. From here you can select Add File and upload your .crt fils.

With your certificate uploaded the final thing to do is navigate to the domain you’re wanting to attach the SSL certificate too. To do this go to Set Up > Site Builder/SuiteCommerce Advanced > Domains. From here you should have a list of domains and subdomains associated with your account, in a lot of cases, this is checkout.yourdomain.com. Simply click edit to be taken through to the Set Up Domain page.
With your .crt and _ca.crt file already uploaded to the file cabinet, you click the two arrows in the Certificate field, select list, change the dropdown to SSL Certificates and select the .crt file which we referenced earlier as sub.mydomain.crt. Repeat this process for CA Certificate but selecting the sub.mydomain_ca.crt.

For the key password field, you will need to enter the secure phrase you created when creating a private key. In the Certificate Key, you will need to paste the contents of the CSR file and you should have something similar to the image above. Now click save and your SSL certificate should be live on your domain.

If you’re wanting to test it’s all working a great free tool to use is SSL Labs SSL testing tool which will give you all the information you need to ensure the SSL is properly setup with your SuiteCommerce site.

If you have any questions please feel free to contact our consultants who would happily advise should you require it.

Keep reading

Choosing the Right ERP Software: Key Factors to Consider

Once you’ve made the decision to move on from spreadsheet accounting or to upgrade your legacy ERP system, how do you choose the right ERP software?

Oracle NetSuite vs. Microsoft Business Central: Which is the juiciest ERP?

When you manage your whole business through an ERP system, you’re able to get a bird’s-eye view of your business, and better understand company-wide impacts of decisions, plans and unforeseen changes. This coordinated view is a real boon for companies looking to grow and to increase efficiency.

Realising Cost Savings: Calculating the ROI of Moving to NetSuite

It’s essential to quantify the value and expected returns from implementing a new ERP system like NetSuite. After all, any new IT system is a substantial business expense, requiring a compelling business case to gain buy-in from stakeholders.

Exploring the Benefits of Cloud-based ERP Solutions for Growing Businesses

As businesses strive for efficiency, they are increasingly turning away from on-premises technology and moving to the cloud. As testament to this shifting trend, statistics indicate that cloud ERP is forecast to grow at more than 17% between 2022 and 2028.

Streamline Your Operations: Solving Inventory Challenges with a New ERP System

ERP systems help companies automate and streamline operations, but how can they tackle the problems posed by inventory management?

How to manage a new NetSuite Release: one expert's update process

When you manage your whole business through an ERP system, you’re able to get a bird’s-eye view of your business, and better understand company-wide impacts of decisions, plans and unforeseen changes. This coordinated view is a real boon for companies looking to grow and to increase efficiency.

Ready to transform your business with Oracle NetSuite or Microsoft Dynamics 365?

Get in touch with us, and we promise we wont waste your time.

  • Initial call back to hear your needs.
  • We’ll give you an outline price fast.
  • A full discovery session to get to the heart of your business.
  • We’ll arrange software demos to show you what we can do.