Cloud Platform

Generating a certificate signing request (CSR)

The first step in obtaining an SSL certificate to use with Cloud Platform is to generate a Certificate Signing Request, or CSR. The CSR contains information about your organization and website that a Certificate Authority can use to generate the appropriate SSL certificate for your website.

You cannot generate a CSR for an Acquia default domain.

If you already have an SSL certificate, or if you choose to generate a CSR some other way (such as using the command line), you can skip this page. However, only CSRs generated using the Cloud Platform user interface are managed and displayed on the SSL page.

CSRs for Node.js applications

Certificate signing requests generated in the Cloud Platform user interface don’t work with Node.js applications. For more information and a workaround, see this known issue.

To generate a CSR in the Cloud Platform user interface:

  1. Sign in to the Cloud Platform user interface as a user with the necessary permissions.

  2. Select your environment and click SSL.

  3. Click Generate CSR.

    The Generate certificate signing request page is displayed.

  4. Enter the following information:

    • Country: Use the standard two-letter ISO country code for the country where your organization is located. For example, US or ZA

    • State, province, or region: Use the full state or province name, without abbreviation. For example, California, not CA, and New Brunswick, not NB

    • Locality: Use the city or town name, without abbreviation

    • Organization or company: Use the full legal name of the organization or company that owns the domain name

    • Department or organizational unit: (Optional) Use the name of the department or organizational unit for the domain

    • Common name (domain name): Enter the fully qualified domain name that visitors use to reach your website, without the http:// or https:// protocol element. For example, to secure https://www.example.com, enter www.example.com or *.example.com for a wildcard certificate

    • Subject alternative name(s): (Optional) Enter additional domain names, separated by commas, such as www.example.net, www.example.org. Adding additional domain names will generate a CSR appropriate for a UCC (Unified Communications Certificate) SSL certificate

  5. Click Generate CSR.

Cloud Platform generates a CSR.

Using a CSR to obtain an SSL certificate

All the CSRs that have been generated for an environment are listed on the SSL page. You need to provide the CSR in encoded format to your SSL certificate vendor in order to obtain an SSL certificate. To get the CSR in encoded format:

  1. Click SSL.

  2. In the Certificate signing requests section, click View to view the CSR.

  3. For Certificate Request, click Show.

    Cloud Platform displays the encoded CSR.

  4. Copy the encoded CSR and provide it to your SSL certificate vendor in the vendor’s certificate purchase process.

Next step

After you generate and copy the CSR, use it to obtain an SSL certificate.