SSL certificates (Video)

You can add SSL certificates to IT Glue for centralized storage and to track expirations for your client's externally facing services and websites that are secured with SSL.

SSL certificates are captured in a very similar manner to domains. Simply enter the URL. The public aspects of the certificate are parsed automatically from the certificate itself, including the Common Name, Expiration, Signature Algorithm, and Issuer.    

Keep in mind that if you add a domain that has an SSL certificate, the SSL certificate is automatically added to IT Glue when you add the domain. For more information, see Domains.

Before you begin, watch the following video (2:07): 

 

Prerequisites

  • Access to known DNS records for the client, which will probably require signing in to the domain registrar or hosting company's DNS management console for each client domain.

Instructions

  1. Check the DNS zone file records for any CNAME records that might potentially have https:// components. Here's a short checklist of some common options to browse:
    • remote
    • mail
    • webmail
    • owa
    • crm
    • app
    • voice
    • secure
    • billing
    • vpn
  2. Browse to each subdomain and check the certificate name using the security feedback from your browser.
  3. From IT Glue, navigate to the organization you are onboarding.
  4. From the left sidebar, click on SSL Tracker.
  5. Click + New button in the top right corner.
  6. Enter the certificate name (e.g. remote.company.com) and details in the relevant fields:
    • Certificate host - Provide a valid host that uses the certificate you wish to add (companyname.com). This system will automatically retrieve the certificate. For wildcard certificates, you can use any host that will match (e.g. subdomain.example.com instead of *.example.com).

    • Certificate - Alternatively, you can manually provide the certificate source using this field. Simply paste the certificate contents in PEM-encoded format. Use this method for self-signed certificates or in cases where the certificate cannot be retrieved from a host.

      Notes:

      • You should only include the certificate itself here, not the rest of the chain.

      • Manually entered PEM files will not refresh automatically.


    • Intermediate chain - Use this field to store the rest of the certificate chain. You might want to provide this for future reference in case you need to provision a server with the certificate. Simply paste the certificate chain in PEM-encoded format. Do not include the root certificate in this field.

    • Certificate signing request - Store the original CSR for your certificate in the event you need it for a future renewal.

    • Private key - Store the certificate's private key in this field, which again, may be useful if you need to provision a server with the certificate at a later date. This field is stored securely in encrypted format in our database.

    • Notes - Add any additional notes regarding the certificate.

  7. When you're done, click Save.
  8. Next, research with key contacts who supply the certificates and record any account information and passwords used for certificate management using Related Items (right-hand side of the screen). If necessary, revisit the Vendors and Passwords areas to record these credentials.
  9. Edit the certificate you entered in IT Glue to paste in the private keys from servers if you have the required access and add any notes as required.

 

Note

  • Valid From and Valid Until dates can be manually entered for SSL certificates that are created with a PEM-encoded certificate.
Was this article helpful?
3 out of 3 found this helpful