Ok, since there is hardly any documenation on how to do this inCommitCRM... Here's how.. Please note, this may be the blind leading the blind, but hopefully it will save someone some time.
Here is CommitCRM's official documentation:
Note that in the instructions, anything in [] should be replaced with your own variables.
Also, in CommitCRM's documentation, the process they describe about importing your certifcate and exporting did not work for me. But maybe I did something wrong, your mileage may vary! :)
To get an SSL Cert on CommitCRM Web Interface:
1) Download openssl.exe here. Save it in a folder on your desktop.
2) Create a custom config file for openssl and save it in the save directory openssl.exe is in. Instructions on doing that are here: (step 4) http://www.flatmtn.com/article/setti...e-certificates Maybe there's an easier way but that is the only way I could figure out.
3) Open a command prompt and "cd" to the directory openssl is in. Run this command:
openssl req -new -newkey rsa:2048 -nodes -out FQDN.csr -keyout Key.key -subj "/C=[COUNTRY ABREVIATION HERE]/ST=[2 DIGIT STATE ABBRIATION HERE]/L=[CITY HERE]/O=[ORGANIZATION NAME HERE]/CN=[FULLY QUALIFIED DOMAIN NAME HERE]" -config "opensslconf.cnf" Where opensslconf.cnf is the path to the config file you created in step 2. This will create the csr request to give to your Certificate Authority. (I used godaddy, $29/ year) Take note of the file that is created called Key.key. You are going to need this.
4) Submit the CSR to your athority and then you should get the certificate back. Mine came in a *.crt format. This will have to be converted.
5) Convert the certificate from a *.crt format to a *.pem format that CommitCRM needs. Run this command: openssl x509 -in [PATH TO CERT FROM CA].crt -out input.der -outform DER
And this command:
openssl x509 -in input.der -inform DER -out Cert.pem -outform PEM
6) You now have the Key.pem (created in step 3) and the Cert.pem (created in step 5). Last we need the Root.pem. To get that, go to Internet Explorer -> Tools -> Internet Options -> Content -> Certificates -> Trusted Root Certifcation Authorities Tab. Find the CA in the list from whom you purchased your Cert. In my case, it was Go daddy. Click on their name, and Click Export. Export as a Base-64 encoded X.509. Save the file with your other PEM files. Now go rename that file to Root.pem.
7) Save Root.pem, Key.pem, Cert.pem in your CommitCRMdir\Webinterface folder. Go to CommmitWebInterface.ini, and change the SSL Port to whatever you want and Set SSL Required to Y.
8) Restart the CommitCRM web interface service on your server and you should have SSL. You will need to connect to https:\\[fqdn]:[ssl port]
Done!!
Here is CommitCRM's official documentation:
Note that in the instructions, anything in [] should be replaced with your own variables.
Also, in CommitCRM's documentation, the process they describe about importing your certifcate and exporting did not work for me. But maybe I did something wrong, your mileage may vary! :)
To get an SSL Cert on CommitCRM Web Interface:
1) Download openssl.exe here. Save it in a folder on your desktop.
2) Create a custom config file for openssl and save it in the save directory openssl.exe is in. Instructions on doing that are here: (step 4) http://www.flatmtn.com/article/setti...e-certificates Maybe there's an easier way but that is the only way I could figure out.
3) Open a command prompt and "cd" to the directory openssl is in. Run this command:
openssl req -new -newkey rsa:2048 -nodes -out FQDN.csr -keyout Key.key -subj "/C=[COUNTRY ABREVIATION HERE]/ST=[2 DIGIT STATE ABBRIATION HERE]/L=[CITY HERE]/O=[ORGANIZATION NAME HERE]/CN=[FULLY QUALIFIED DOMAIN NAME HERE]" -config "opensslconf.cnf" Where opensslconf.cnf is the path to the config file you created in step 2. This will create the csr request to give to your Certificate Authority. (I used godaddy, $29/ year) Take note of the file that is created called Key.key. You are going to need this.
4) Submit the CSR to your athority and then you should get the certificate back. Mine came in a *.crt format. This will have to be converted.
5) Convert the certificate from a *.crt format to a *.pem format that CommitCRM needs. Run this command: openssl x509 -in [PATH TO CERT FROM CA].crt -out input.der -outform DER
And this command:
openssl x509 -in input.der -inform DER -out Cert.pem -outform PEM
6) You now have the Key.pem (created in step 3) and the Cert.pem (created in step 5). Last we need the Root.pem. To get that, go to Internet Explorer -> Tools -> Internet Options -> Content -> Certificates -> Trusted Root Certifcation Authorities Tab. Find the CA in the list from whom you purchased your Cert. In my case, it was Go daddy. Click on their name, and Click Export. Export as a Base-64 encoded X.509. Save the file with your other PEM files. Now go rename that file to Root.pem.
7) Save Root.pem, Key.pem, Cert.pem in your CommitCRMdir\Webinterface folder. Go to CommmitWebInterface.ini, and change the SSL Port to whatever you want and Set SSL Required to Y.
8) Restart the CommitCRM web interface service on your server and you should have SSL. You will need to connect to https:\\[fqdn]:[ssl port]
Done!!
Comment