Introduction and whats changing
The way we generate and provision SSL certificates has changed with our new SaaSV2 deployment. Previously, we asked each customer with a custom domain name to generate an SSL certificate and send it over to us annually. This process was difficult for non-technical users, resulting in an additional cost for the customer (as they had to purchase an SSL certificate at their own expense). We often found that the renewals were missed and resulted in downtime for end users.
To improve this process efficiency, reduce cost for our customers and ultimately prevent downtime during certificate renewals, we're now offering FREE SSL certificates for any custom domain, as well as the free *.myintranet.com SSL certificate that we offered previously. This offers the same level of security and encryption, but we take on the ongoing maintenance and automation of the SSL certificates on your behalf, by utilising Google Managed Certificates. You can read more about these here.
The Process
1. A customer-managed DNS entry will need to have an A record pointed at a dedicated, external IP address that Claromentis will provide upon request.
TTL (IMPORTANT). When pointing the A record, we would require the TTL to be set to 300 seconds, to make sure changes propagate quickly. Setting a longer TTL when pointing your DNS entry can cause further delays with the DNS change.
2. Claromentis will then make the necessary changes internally to provision a Google Managed Certificate. This can take up to 2 hours to be issued and applied to your instance. Once this has been provisioned, the custom domain name will be accessible for use.
To start the above process, please submit a Change Request.
Important considerations:
- You must own the custom DNS; Claromentis doesn't manage the ownership of these DNS entries. Only *.myintranet.com is owned and managed by Claromentis.
- There will be a time period where your intranet is inaccessible while the SSL certificate is being propagated by Google.
----------------------------
For On-Premise installations, please see the following article.
