CSR for SSL to monster platform

[Anthony Goss]

Who do we contact about getting a CSR for SSL connection to the monster portal when using Cnam forwarding to ui.zswitch.net?

[Isaac]

Hey Anthony,

Thank you for your question. I am researching this and will get back to you.

[Isaac]

Anthony,

Thank you for your question, you would generate your own CSR so that you could get the certificate. We, 2600Hz, would not be involved in this process. Once you obtain an SSL certificate we would take it and add it to our system.

[Brian Sloan]

I need to do this as well for white labeling.  However, how do we generate the CSR?  The CSR has to be generated from the server correct?  So wouldn't you all have to generate it and send it to us so we can request a cert?  Also any change you all could implement Let's Encrypt SSL Certificates into the UI so we can just generate and deploy free ones right from the interface?  We use cloudways for website hosting and their interface makes it nice and easy to do... This would be a really good enhancement to Monster UI :)

[Darren Schreiber]

CSR doesn't need to be requested by the hosting server, you can do it on any server. The CSR + CRT + KEY create the combination you need to load the cert on any server.

It's just an OpenSSL generated cert in the end.

Check out https://www.digicert.com/easy-csr/openssl.htm . We can't "recommend" this because there are security implications with using such a tool, but in my opinion they're minor and this is really easy :-)

You'll get a certificate request that you can then submit to your provider. They'll keep you back a signed cert. You should end up with three files. You need to submit all of them together.

We've debated the Let's Encrypt option. Too much to do right now with call center coming online, but we'll keep it in mind.

[Darren Schreiber]

Oops, that was the wrong link. Let me find the right one...

[Brian Sloan]

Call center huh?!? Very sweet and makes me very happy to hear it... you guys rock :)

Can you maybe keep the idea of Let's Encrypt auto generation in mind for later enhancement?  It would be fantastic to be able to do that right in the UI.  Cloudways has implemented it nicely (if you are looking for example lol)

[Darren Schreiber]

I can't find the one I liked, but something like this. https://csrgenerator.com/

Of course your key / request pair are now known by some other provider, but they're not horribly useful if they can't go get them signed.

Honestly if you just Google "generate ssl csr online" you'll find a bunch of these things.

[Brian Sloan]

Thanks I found a few.  But what about the digicert link you provided?   it looks the same as the others I found.  Is there a reason it wont work?

[Darren Schreiber]

It just shows you command lines, doesn't generate the cert for you.

[Brian Sloan]

ah i see that now lol... thanks.  this one looks decent:

https://www.gogetssl.com/online-csr-generator/

[Brian Sloan]

ah i see that now lol... thanks.  this one looks decent:

https://www.gogetssl.com/online-csr-generator/

[Rick Guyton]

So, we can send SSL certs in now for the Portal? Will the SSL also apply for the provisioner? Any requirements? Will wildcard certs work? For instance, if I got *.sip.clearingvoice.com would that work? Would the provisioner use my SSL as well?