Step 1: Generate a private key and a server certificate request with OpenSSL (this can be done on any machine).
openssl req -new -newkey rsa:2048 -nodes -keyout netbeez.key -out netbeez.csr
This command will require some information in the input. When prompted, make sure to input the correct server's FQDN. Here is an example of what the CSR information prompt will look like:
Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:<Customer_State> Locality Name (eg, city) :<Customer_City> Organization Name (eg, company) [Acme, Inc.]:<Customer_Company_Name> Organizational Unit Name (eg, section) :<Customer_Company_Division> Common Name (e.g. server FQDN or YOUR name) :<SERVER_FQDN> Email Address :
Step 2: Send the netbeez.csr file to your customer's Certification Authority (CA), which will generate and return a netbeez.crt HTTPS certificate.
Ensure the following for the certificate:
- Type is Certificate (w/ chain), PEM encoded
- If chained certificate, ensure that your domain's cert is at the beginning.
E.g. chained certificate should have this order:
(Your Primary SSL certificate: eg. your_domain_name.crt)
(Your Intermediate certificate: eg. DigiCertCA.crt)
(Your Root certificate: eg. TrustedRoot.crt)
Please note, that if you have a certificate chain that needs to be satisfied, it will need to be combined into one file in the correct order (e.g. root, all (if any) intermediate certificates, dashboard certificate) before being sent to NetBeez support.
Step 3: Once you have the netbeez.key and netbeez.crt files, open a ticket via email (firstname.lastname@example.org) to have the certificates installed on your NetBeez server.