Guidelines for using your own SSL Certificate and creating a properly formatted PEM file

While we already offer the ability for our Customers to use a shared SAN SSL certificate that Uberflip owns and manages, we understand that many of our Enterprise Customers would prefer to keep that control in house via their own certificate.  We can now accommodate this situation!

To be able to use your own SSL certificate, we'll need you to:

  1. Prepare a PEM file which includes the private keys and certificates
  2. Share that PEM file with the Uberflip Support team by either sending us a link using a secure file sharing service you trust OR you can upload your PEM file into a private Google Drive Folder after we invite you to join that Folder (a Google Account is required for the latter)

1. Preparing your PEM file

There are quite a few ways to create a PEM file, and there are going to be nuances to how your file looks depending on your SSL certificate vendor and what they require,  but the general rule and structure for your PEM file will be:

-----BEGIN BASE64 ENCODED PRIVATE KEY----- 
**Base64 encoded private key here** 

-----END BASE64 ENCODED PRIVATE KEY----- 
-----BEGIN CERTIFICATE----- 
**Base64 encrypted certificate detail here** 

-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE BUNDLE IF PROVIDED----- 
**Include certificate bundle if provided by the SSL vendor** 
-----END CERTIFICATE-----

  • So the file will be in order of:  Base64 Encoded private key;   Base64 Encoded certificate;   any other certificate information that your SSL vendor has provided in Base64 encoded form.  Here is an example:

-----BEGIN PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDg
MBQGCCqGSIb3DQMHBAgD1kGN4ZslJgSCBMi1xk9jhlPxPc
9g73NQbtqZwI+9X5OhpSg/2ALxlCCjbqvzgSu8gfFZ4yo+
A .... MANY LINES LIKE THAT ....
X0R+meOaudPTBxoSgCCM51poFgaqt4l6VlTN4FRpj+c/Wc
blK948UAda/bWVmZjXfY4Tztah0CuqlAldOQBzu8TwE7WD
H0ga/iLNvWYexG7FHLRiq5hTj0g9mUPEbeTXuPtOkTEb/0
GEs=
-----END  PRIVATE KEY-----

-----BEGIN CERTIFICATE-----
MIIDXTCCAkWgAwIBAgIJAJC1HiIAZAiIMA0GCSqGSIb3Df
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVx
aWRnaXRzIFB0eSBMdGQwHhcNMTExMjMxMDg1OTQ0WhcNMT
A .... MANY LINES LIKE THAT ....
JjyzfN746vaInA1KxYEeI1Rx5KXY8zIdj6a7hhphpj2E04
C3Fayua4DRHyZOLmlvQ6tIChY0ClXXuefbmVSDeUHwc8Yu
B7xxt8BVc69rLeHV15A0qyx77CLSj3tCx2IUXVqRs5mlSb
vA==
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE BUNDLE IF PROVIDED-----
MIIDXTCCAkWgAwIBAgIJAJC1HiIAZAiIMA0GCSqGSIb3Df
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVx
aWRnaXRzIFB0eSBMdGQwHhcNMTExMjMxMDg1OTQ0WhcNMT
A .... MANY LINES LIKE THAT ....
JjyzfN746vaInA1KxYEeI1Rx5KXY8zIdj6a7hhphpj2E04
C3Fayua4DRHyZOLmlvQ6tIChY0ClXXuefbmVSDeUHwc8Yu
B7xxt8BVc69rLeHV15A0qyx77CLSj3tCx2IUXVqRs5mlSb
vA==
-----END CERTIFICATE BUNDLE-----

 

NOTE:  If your PRIVATE KEY is encrypted, you will need to provide us with the passphrase in order for us to install the file on our server.

2. Share the PEM File with Uberflip

Because Uberflip is a SAAS platform, with all content being delivered from our servers, we'll need to install your SSL certificate on our side.   This requires you to send or share your PEM file with us in a secure way.

Use your own File Sharing Service

If you already use a file sharing service that you trust you can just send us a link for your PEM file to support@uberflip.com  There are other services out there (like onetimesecret.com) where you can send a link securely as well.

Upload the File to a Private Google Drive Folder

Alternatively, Uberflip Support can set up a private Google Drive Folder, and invite a member of your team to that Folder so the PEM can be uploaded directly.   In this scenario, only a select few authorized members of our Support and Development teams will have access to that Folder (in addition to the team member we invite from you).    With this method, only Google Account email addresses can be invited so  if you don't already have one setup, you can create a new one and let us know the email address.

If the Private Key information is encrypted, you will need to provide the passphrase to decrypt within a Google Doc in this shared Folder.

PFX File format?
If your processes prefer providing your certificate and private keys in PFX format, we can work with that too!  Just make sure you include the password for that file so we can access.

Of course if there are any questions about this process please contact support@uberflip.com!

 

 

 

Previous Article
Deleting/Cancelling a Custom Domain
Deleting/Cancelling a Custom Domain

You may not need a specific Custom Domain any more, or you may need to make...

No More Articles

Questions about setting up your custom domain name?

Ask For Help