API Documentation
Home > Manual > Networking > SSL Tab

SSL Tab

We permit uploading of SSL certificates which can be attached to the SSL protocol. This allows us to decrypt the SSL session in order to insert client-ip headers, or perform SSL offload. Unless you require either of these two features, you probably don’t need SSL and could use the SSL_PROXY protocol instead to simply pass SSL traffic through from the client to your server.

NOTE: We are unable to provide CSRs (Certificate Signing Requests). This can be done using openssl on your desktop, or from any major web server. You must obtain the CSR and purchase your certificate from any major provider. It must also be in the form of a KEY and CERTIFICATE to properly upload and utilize here. If you are trying to export an existing certificate from a Windows server, please visit our knowledge base for instructions on splitting it into two parts, the key and cert, for uploading here.

SSL KEYS
Upload your SSL key here. We support the PEM or DER formats. If a password was placed on the key, you will need to enter it here.

SSL CERTIFICATES
Upload your SSL Certificate here. We support the PEM or DER formats.

KEY/CERT PAIRS
Before you can assign an SSL certificate to a port in the Configuration Builder, you must first create a Key/Cert pair. To create a pair, click CREATE PAIR in the toolbar. Assign a friendly name to your pair for future reference, choose the key, choose the cert and click Generate.

To chain your cert/key pair to an Intermediate certificate, select it in the table, and then click LINK in the toolbar. Choose the intermediate certificate from the list based on the provider of the certificate. Once selected, click LINK. If the Intermediate certificate is not compatible with your key/cert, you will receive an error. You may need to try a few. If your Intermediate certificate does not appear in the list (which is possible, since we may not have all of them yet), simply create a support ticket and let us know so we can add it. We cannot let you add it since our global system does not support duplicates.