Creating an SSL Certificate device

IMPORTANT  Automated retrieval of WHOIS information, DNS records, and SSL certificates requires that the Domain & SSL Tracking feature is enabled. Refer to Enabling domain & SSL certificate tracking.

In addition to creating an SSL certificate when you create the domain, you can also create the certificate manually.

Populating SSL Certificate-specific fields

For general information about creating a device, refer to Adding and editing devices. Populate the category-specific fields as follows:

  1. To open the page, use the path(s) in the Security and navigation section above.
  2. Select SSL Certificate as the Device Category.
    The SSL Source component and field will appear on the Main panel of the New Device page.
  3. The required Product field will default to the system product None but can be changed. Best practice is to create a product named SSL Certificate and assign it as the default product for SSL certificate devices. Refer to Adding, editing, or copying a product.
  4. Complete all required fields and enter an SSL Source.
Field Name Description

SSL Source

Enter a PEM Encoded Certificate. If automatic retrieval is enabled, you can optionally also enter a certificate Host.

EXAMPLE  for Certificate Host(s) with valid formatting:
www.datto.com
datto.com
http://datto.com
https://datto.com
portal.datto.net
demo.shop.datto.com (uncommon, but it is possible to have multiple sub-domains)

For PEM certificates, the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines are required.

EXAMPLE  for PEM-encoded certificate:
-----BEGIN CERTIFICATE----- MIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G A1UEChMGR251VExTMSUwIwYDVQQLExxHbnVUTFMgY2VydGlmaWNhdGUgYXV0aG9y aXR5MQ8wDQYDVQQIEwZMZXV2ZW4xJTAjBgNVBAMTHEdudVRMUyBjZXJ0aWZpY2F0 ZSBhdXRob3JpdHkwHhcNMTEwNTIzMjAzODIxWhcNMTIxMjIyMDc0MTUxWjB9MQsw CQYDVQQGEwJCRTEPMA0GA1UEChMGR251VExTMSUwIwYDVQQLExxHbnVUTFMgY2Vy dGlmaWNhdGUgYXV0aG9yaXR5MQ8wDQYDVQQIEwZMZXV2ZW4xJTAjBgNVBAMTHEdu dVRMUyBjZXJ0aWZpY2F0ZSBhdXRob3JpdHkwWTATBgcqhkjOPQIBBggqhkjOPQMB BwNCAARS2I0jiuNn14Y2sSALCX3IybqiIJUvxUpj+oNfzngvj/Niyv2394BWnW4X uQ4RTEiywK87WRcWMGgJB5kX/t2no0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1Ud DwEB/wQFAwMHBgAwHQYDVR0OBBYEFPC0gf6YEr+1KLlkQAPLzB9mTigDMAoGCCqG SM49BAMCA0gAMEUCIDGuwD1KPyG+hRf88MeyMQcqOFZD0TbVleF+UsAGQ4enAiEA l4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo= -----END CERTIFICATE-----

NOTE  PEM Encoded SSL certificates will not auto-update.

  1. Click Save.
  2. If validation fails, the device will not be saved, and an error message will appear above the toolbar.

 

If validation is successful, the SSL Details fields will be populated. If you entered a certificate host, the information will be retrieved, if you entered a PEM certificate, it will be decoded locally.

Viewing SSL Details

If the SSL certificate is valid and you are able to save the device, an additional component, SSL Details, will appear. By default, it is displayed below the Description component.

Updating SSL certification details

IMPORTANT  Once the Domain or SSL Certificate category has been selected for a device, you cannot change the category in either the UI or the API.