NetSuite Tips: Installing an SSL Certificate on SuiteCommerce

An Image presenting why installing an SSL Certificate on SuiteCommerce is important.

The importance of ensuring your website has an active SSL connection has never been more prevalent. In July 2018 Google Chrome (roughly owns a 50% market share of browsers used in the UK) started displaying websites with an “untrusted error” as well as Google actively saying an SSL certificate will help with organic ranking in their search results.
As well as the added benefits from search engines, their primary purpose is to keep important information/data safe. By encrypting the data customers enter on your website, you’re keeping their personal information secure such as bank details, address, contact information and anything they enter. With a surge of websites switching to HTTPs, it’s now estimated over 73% of webpages load up with a secure connection. Not all websites do however and some big brands haven’t made the switch yet, meaning customers are greeted with the page below when trying to access a secure connection.

Create a Private Key

We’re going to go ahead and presume you’ve purchased your SSL certificate from a reliable source, we tend to use GoDaddy SSL, however, any reputable company offering an SSL should do, you can even get a free SSL from Lets Encrypt.
Firstly you’re going to need download and install OpenSSL which is a toolkit for the Transport Layer Security or TLS. Once installed we can start the process of creating a private key;

  1. Open a command prompt on your desktop. You can do this by clicking Start > Accessories > Command Prompt, or type CMD into the Search/Run function of windows.
  2. Type C: then enter to change your directory
  3. Type openssl and enter
  4. Copy and paste the following code changing “sub.mydomainkey” to your subdomain and main domain

genrsa –des3 –out <sub.mydomainkey>.key 2048
Once you have completed these steps you will be required to enter a secure phrase. It’s very important you keep a record of this as it’s your password which protects your private key.

Generating a CSR (Certificate Signing Request)

When generating a new CSR the SSL provider may have specific instructions or guidelines. To generate the CSR;

  1. Open a command prompt on your desktop. You can do this by clicking Start > Accessories > Command Prompt, or type CMD into the Search/Run function of windows.
  2. Type C: then enter to change your directory
  3. Type openssl and enter
  4. Copy and paste the following code changing “sub.mydomainkey” to your subdomain and main domain

req –new –key <sub.mydomainkey>.key –out <sub.mydomainkeycsr>.csr
After this, you will be required to enter some information about your business and website. This will be;
[/vc_column_text][vc_row_inner][vc_column_inner][gem_table style=”3″ row_headers=”1″]

Common NameThe fully qualified domain name (FQDN) of your server. This must match what you type in your browser, if not then this will result in a mismatch error.
OrganisationThis is the legal name of your business. This should not be abbreviated and should be the full registered name, if you’re struggling then search your businesses name on Limited
Organisation UnitThe division/industry of your businessInformation technology consultancy activities
City/LocalityThe city your business is locatedNottingham
State/County/RegionThe county/region your business is locatedNottinghamshire
CountryThis is the two-letter ISO code of the country your business is locatedGB
Email AddressAn email address for contact purposes[email protected]
Public KeyThe public key that will go into the certificateGenerated automatically

If done correctly you should now have the following two files in C:\OpenSSL\bin sub.mydomainkey and sub.mydomainkeycsr.csr. Your CSR should look something like this;

Requesting a Certificate

This process varies for different SSL providers but they all follow the same principle.
As we use GoDaddy we login into our account and go the SSL section. Other SSL providers might be different but GoDaddy is quite straightforward. One we’ve purchased an SSL we select “set up” to be taken to a new page.

From the example you can see above, we’ve taken the CSR which we generated earlier and pasted it into the box “Provide a certificate signing request (CSR)” which then populates the domain name based on the information you provided earlier. To confirm this there are terms and conditions you have to agree to, once you’ve read through those you can request your certificate.
You may need to verify domain ownership if it was purchased from another domain provider. To do this you have two options;

  1. HTML Page – Uploading a unique ID and creating a directory /.well-know/pki-validation/ in the highest level directory of your website and uploading the page as .godaddy.html
  2. DNS Record – You receive an email with a TXT value which you need to create in your domain names DNS zone file.

GoDaddy state this can take 5-10 minutes, other SSL providers may say it takes longer to verify. As soon as it is verified we’re able to retrieve our SSL certificate.
After retrieving the SSL we should have;

  • The certificate signing request file (csr)
  • The private key file (.key)
  • The SSL certificate (sub.mydomain.crt)
  • The intermediate certificate (sub.mydomain_ca.crt)

From this list, we will only need the private key, sub.mydomain.crt and sub.mydomain_ca.crt.

Activating your SSL Certificate within NetSuite

Having generated the relevant files, now we need to log into the NetSuite dashboard with an administrative role for the domain/subdomain we’re wanting to add the SSL certificate too. Once logged in navigate to Documents > Files > File Cabinet and then select SSL Certificates in the left-hand menu. From here you can select Add File and upload your .crt fils.

With your certificate uploaded the final thing to do is navigate to the domain you’re wanting to attach the SSL certificate too. To do this go to Set Up > Site Builder/SuiteCommerce Advanced > Domains. From here you should have a list of domains and subdomains associated with your account, in a lot of cases, this is Simply click edit to be taken through to the Set Up Domain page.
With your .crt and _ca.crt file already uploaded to the file cabinet, you click the two arrows in the Certificate field, select list, change the dropdown to SSL Certificates and select the .crt file which we referenced earlier as sub.mydomain.crt. Repeat this process for CA Certificate but selecting the sub.mydomain_ca.crt.

For the key password field, you will need to enter the secure phrase you created when creating a private key. In the Certificate Key, you will need to paste the contents of the CSR file and you should have something similar to the image above. Now click save and your SSL certificate should be live on your domain.
If you’re wanting to test it’s all working a great free tool to use is SSL Labs SSL testing tool which will give you all the information you need to ensure the SSL is properly setup with your SuiteCommerce site.
If you have any questions please feel free to contact our consulatants who would happily advise should you require it.

Sign Up Banner


More Information

Stephen Adamson


[email protected]

(+44) 115 758 8888
Stay Connected

We make a selection of our blog’s most relevant news, a section dedicated to what we know best: Cloud Business Management Solutions. Sign up to our newsletter.