Sign Up for Training |
Jet Express Support |
Jet Reports Company Site
Jet 365 Financials
Jet Professional
Jet Enterprise
Downloads
Community
Submit a Request
Feedback

Using an SSL Certificate with the Jet Web Portal


Overview

In order for users to access the Jet Web Portal from outside your network, the server running the Web Portal must:

  • be running Microsoft IIS
  • be configured in DNS
  • have a secure SSL/TLS certificate installed and be bound to the Jet Web Portal

There are a few steps to go through to obtain and install your certificate

 

How to Order an SSL Certificate

 

Purchasing an SSL Certificate 

You want to purchase a certificate from a Certificate Authority so that it will be trusted on nearly all computers in the world.


A Domain Validated certificate is sufficient and low cost, however Extended Validation and Wildcard certificates will also work. Self-signed certificates are not recommended as they will not be recognized on users' computers.

 

What is a Certificate Authority?

Your certificate will be obtained from a Certificate Authority (CA).  Certificate Authorities are organizations that act as a trusted third party to provide assurance to your users that information passed to and from your server is secure.

There are a number of CAs available to choose from.  If your organization does not already have a specific CA, a basic internet search will help you find one.  Here is one list that may help you get started.

 

General Process

The process of ordering a certificate goes something like this:

  • Prepare by getting your server set up and getting your WHOIS record updated, etc.
  • Generate the Certificate Signing Request (CSR) on the server
  • Submit the CSR and other info to the Certificate Authority
  • Have your domain and company validated
  • Receive and install the issued certificate

 

Preparing your WHOIS record

When you purchase a certificate for a particular domain name, the Certificate Authority (CA) needs to ensure that you own the domain name that you are getting the certificate for and that you are authorized to order the certificate. This is primarily done by making sure that the WHOIS record (the ownership and contact information associated with each domain name) matches the company name and address that is submitted with the certificate order. Some CAs will call the phone number listed in the WHOIS record and many will send an email to the address listed there so make sure you have the correct information listed. You can check the WHOIS record for your domain name here

 

Generate the Certificate Signing Request

What is a CSR (Certificate Signing Request)?

A CSR or Certificate Signing Request is a block of encrypted text that is generated on the server that the certificate will be used on. It contains information that will be included in your certificate such as your organization name, common name (domain name), locality, and country. It also contains the public key that will be included in your certificate. A private key is usually created at the same time that you create the CSR.

What is contained in a CSR?

NAMEEXPLANATIONEXAMPLES
Common Name The fully qualified domain name (FQDN) of your server. This must match exactly what you type in your web browser or you will receive a name mismatch error. *.google.com
mail.google.com
Organization The legal name of your organization. This should not be abbreviated and should include suffixes such as Inc, Corp, or LLC. Google Inc.
Organizational Unit The division of your organization handling the certificate.

Information Technology

IT Department

City/Locality The city where your organization is located. Mountain View
State/Country/Region The state/region where your organization is located.  This should *NOT* be abbreviated. California
Email address An email addres used to contact your organization webmaster@google.com
Public Key The public key that will go into the certificate The public key is created automatically.

 

What does a CSR look like?

Most CSRs are created in an encoded format referred to as "PEM".

This format includes the "-----BEGIN CERTIFICATE REQUEST-----" and "-----END CERTIFICATE REQUEST-----" lines at the beginning and end of the CSR. Such a CSR can be opened in a text editor and looks like the following example:

-----BEGIN CERTIFICATE REQUEST-----
MIIfyjCDJVPbJRQZwgYkxCAZJfgNVfZYTZlVTMRMwEQYDVQQIEpQDYWxpAm5yfmlh
MRYwbZYDVQQHEw1Nf3VudGZpfifWZWV3MRMwEQYDVQQKEwpHf25nfGUgSW9jMR8w
HQYDVQQLExAJfmAvcm1hdGlvfifUAWNofm5sf2d9MRcwbQYDVQQDEw93d3cuA25v
A2xlLmNvfTCfnAZKSKCIENMiG5w0fZQEbZZOfjQZwgYkCgYEZpAtYJCHJ4VpVXHbV
IlstQTlO4qC03hjX+AkPyvdYd1Q4+qfZeTwXmCUKYHThVRd9ZXSqlPAyIfwieMAr
WblRQddA1ZJDHDdVRDWwZo60KecqeZXnnUK+9bXoTI/UgWshre8tJ+x/TMHZQKR/J
cIWPhqZQhsJuAAfvZdGZ80fLxdMCZwEZZZZZMZ0GCSqGSIf3DQEffQUZZ4GfZIhl
4Pvbq+e7ipZRgI9Zkbd523yu97gbjd;l44DTo0JkwbRDb+ftrsZC0q68eTb2XhY
Q0uZ0ZVog3b9iJxCZ3Hp9gxfJQ6AV6kJ0TEsuZZOhEko5sdpCoPOnRfm2i/XRD2D
6iNh8b8A0ShGsbqjDgbHyb3o+lUyj+UC6H1QW7fn
-----END CERTIFICATE REQUEST-----

 

Using your Certificate Authority's Utilities

Some Certificate Authorities have proprietary utilities to aid you in the creation and submission of your CSR, and the installation of the certificate.  If you have a particular CA in mind, contact them for specifics.

Otherwise, here is some general information about how to create a CSR within supported versions of Microsoft IIS.

 

How to Create a CSR

There are various types of certificates available (depending upon the type of web server you use).  The Jet Web Portal requires the use of Microsoft IIS - so your certificate must support IIS.

If you are not using a CA's utilties to create your CSR, you can create the CSR directly within IIS. The steps used to create a CSR vary slightly depending upon the version of Windows Server and IIS that you are using.

Click the link for the version of IIS you are using:

Creating a CSR in Microsoft IIS 7

Creating a CSR in Microsoft IIS 8 or 8.5 

 

Submitting your CSR

Contact your Certificate Authority of choice (if you are not using the utility provided by a CA, visiting their web site is your best option).  

The site will have an area where you can submit your CSR.  

Follow the instructions provided by the CA.

This may involve uploading your CSR file or opening the file in Notepad, copying the contents, and pasting those contents in the area provided.

Example:

 

Installing your Certificate

Once you receive you certificate, you are ready to install it and bind the Jet Web Portal to it:

Installing and Binding an SSL Certificate in IIS 7

Installing and Binding an SSL Certificate in IIS 8 or 8.5

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments