Setting Up Your SSL Certificate

Starting in 2017 Google Chrome and other web browsers will start marking HTTP sites as insecure. While this won't impact your mobile apps directly, users of your app control panel will see a warning message in their web browser stating the the site isn't secure. To resolve this, you’ll need to set up an SSL certificate for your White Label account.

How Do I Set Up an SSL Certificate For My Account?

In order to prevent this from happening, you must take the following steps:

1. Log in to your Admin Control Panel

Note: if you don’t have an SSL certificate for your account yet, or your SSL certificate has expired you may see a screen like this:

In order to get past this click on the button that says “Advanced”

Then click on the link that says “Proceed to….”

 This message may be slightly different depending on the browser you're using. In this example we’re using Google Chrome.

2.  Go to Settings >> Account and scroll down to the “Certificate Request Form” section

Fill this out to generate your Certificate Request and Private Key files which are required in order to generate the SSL certificate.

3. Download certificate request file and private key files

You can download each of those text files from these links that appear once you’ve filled out the Certificate Request Form:

Once downloaded you’ll need to open them in a text editing program such as Notepad as you’ll be asked to copy and paste their contents in the SSL generation process. When you copy and paste them, make sure to copy everything.

4. Find a website such as GoDaddy, that can issue a Wildcard SSL Certificate

Make sure you can purchase a Wildcard SSL Certificate (one that can support multiple subdomains) from them. Once you have purchased your Wildcard SSL Certificate you will need to request your certificate.

If your SSL certificate provider asks for the signature algorithm, choose SHA-2. Once you have requested your certificated it may take some time to approve your request and provide you with the certificate file.

5. After your certificate has been approved, download the certificate file(s)

If you receive multiple certificate files, one file contains your certificate and the other is known as the certificate authority bundle. While you can just use your certificate file, a better practice is to combine the two into a single file. You can do this by opening both files in a text editing program such as Notepad and copying the contents of the bundle file and pasting them into your certificate file right below the existing text. Once that’s done go ahead and save the changes.

6. Log into your Admin Control Panel and go back to Settings >> Account and upload the certificate in the "Certificate Upload" section

7. Make sure your control panels are pointing to SSLProxy.BuildFire.com

Once you have uploaded your certificate file to the Admin Control Panel, you’ll need to make sure that your White Label Admin and App sites (as well as Sign-Up if you have one set up) are pointing to SSLProxy.BuildFire.com in the DNS settings of those sites. For example: 

You may have app.yourdomain.com pointing to PROD-CP-1355267609.us-east-1.elb.amazonaws.com. If that’s the case, change that to sslproxy.buildfire.com

8. You're finished! 

Certificate files are valid for up to three years, depending on the type you purchase. When it comes time to renew your certificate, you’ll need to generate a new certificate, but you can reuse your existing certificate request and private key files.

Next we'll go over how to renew your SSL certificate.

How Do I Renew An SSL Certificate For My Account?

Because SSL certificates expire after a certain amount of time you’ll need to periodically generate new ones. Here’s the steps on how you can generate a new SSL certificate:

1. Log in to your Admin Control Panel and go to Settings >> Account and scroll down to the “Certificate Request Form” section and download the Certificate Request and Private Key files

As long as you didn’t make any changes to your account’s domain name then you should be able to download the Certificate Request and Private Key files from these links:

If you did make a change to your account’s domain name, please let us know and we’ll have our team reset the request form for you.

2. Find a website such as GoDaddy, that can issue a Wildcard SSL Certificate

You can use the same website that you previously used, or a new site. Just make sure you can purchase a Wildcard SSL Certificate (one that can support multiple subdomains) from them. Once you have purchased your Wildcard SSL Certificate you will need to request your certificate.

They will need your certificate request file and/or private key files. Once you’ve downloaded those files you’ll need to open them in a text editing program such as Notepad as you’ll be asked to copy and paste their contents in the SSL generation process. When you copy and paste them, make sure to copy everything. If they ask for the signature algorithm, choose SHA-2. Once you have requested your certificated it may take some time to approve your request and provide you with the certificate file.

3. After your certificate has been approved, download the certificate file(s)

If you receive multiple certificate files, one file contains your certificate and the other is known as the certificate authority bundle. While you can just use your certificate file, a better practice is to combine the two into a single file. You can do this by opening both files in a text editing program such as Notepad and copying the contents of the bundle file and pasting them into your certificate file right below the existing text. Once that’s done go ahead and save the changes.

4. Log back into your Admin Control Panel and go to Settings >> Account and upload the certificate in the "Certificate Upload" section

The new certificate will replace the old one that was expiring, or is expired.

Still have questions? No problem! Reach out to us and we’d be happy to help :)

Did this answer your question?