SSL Certificate Is Expiring

Overview

You may notice that an SSL certificate is going to expire soon or has already expired for your production or staging website.

Solution

1. Submit a request to Symphony Support to generate a CSR file for you, providing the following information:
   • Common Name - the primary domain for the certificate.
   • Organization - the company for which it is issued.
   • Organizational Unit - the unit within the company (optional value that is often ignored by certificate issuers).
   • Locality - the region or city where the company is located.
   • State - the state where the company is located.
   • Country - where the company is located.
   • Number of bits for the certificate - typically 2048 or 4096.
   • Additional domains to be included to the certificate as Subject Alternative Names (SANs).
2. Generate a new SSL certificate using the CSR file provided by our Support team.
   Here are samples of SSL Certificate Authorities which you can use to generate an SSL certificate:
   
   • GeoTrust
   • Comodo
   • Digicert
   • Thawte
   • GoDaddy
3. Send the created SSL certificate to Symphony Support on the same ticket - our SaaS team will update the certificate for the website.

<supportagent>

1. If the customer hasn't provided the information required to generate the CSR file (and it's a renewal for the existing certificate), obtain the details from their existing certificate: 
   1. Open the website mentioned by the brand.
   2. Click on the padlock icon in the address bar.
   3. Click on the Certificate button.
      
      
      
      
   4. Select the Details tab and copy the data required for CSR (as per step 1 of the public section).
2. Submit a request to create CSR for the customer
3. Include the brand's information as a comment on the created ITOps ticket.
   Note: Additionally, ask the ITOps team to include the private key which they will use to generate CSR.
4. Inform the brand that you have asked the SaaS Team to generate the CSR file and place the ticket on hold.
5. Once the CSR file is generated, send it to the brand and ask to generate an SSL certificate.
6. When the brand submits a newly generated SSL certificate, create a Change Request Jira under the SPC project for the SaaS team to implement the certificate to the brand's website, including the certificate itself and the private key used to generate CSR. 
   Sample Jira: SPC-34725.
7. Check that the certificate expiration date was updated (as described in step 1 of the agent-only section).

</supportagent>