Learn how to import a custom SSL certificate in Flipsnack
Table of contents:
When you use a custom domain or subdomain with your Flipsnack account, you have two options. Either use the standard SSL certificate generated by Amazon, which is automatically provided by Flipsnack, or use a custom certificate.
There might be different reasons to use a custom certificate: more control over how the connection is secured, consistency, or for branding purposes. You can add custom SSL certificates to your Flipsnack account regardless of your motivation.
There are a few technical specifications you need to keep in mind before adding your certificate:
- Imported SSL should have 1024-bit RSA, 2048-bit RSA, and Elliptic Prime Curve 256-bit keys only
- You must enter the private key that matches the certificate you are importing.
- The private key must be unencrypted. You cannot import a private key that is protected by a password or a passphrase.
- The private key must be no larger than 5 KB (5,120 bytes).
- If the certificate you are importing is not self-signed, you must enter its certificate chain.
- If a certificate chain is included, the issuer must be the subject of one of the certificates in the chain.
- The certificate, private key, and certificate chain must be PEM-encoded.
- The cryptographic algorithm of an imported certificate must match the algorithm of the signing CA. For example, if the signing CA key type is RSA, then the certificate key type must also be RSA.
- A certificate must be an SSL/TLS X.509 version 3 certificate. It must contain a public key, the fully qualified domain name (FQDN) or IP address for your website, and information about the issuer.
- A certificate can be self-signed by a private key you own or signed by the private key of an issuing CA. You must provide the private key, which may be no larger than 5 KB (5,120 bytes) and must be unencrypted.
- If the certificate is signed by a CA, and you choose to provide the certificate chain, the chain must be PEM–encoded.
How to import a custom SSL certificate in Flipsnack
- While on the My Flipbooks page, click on Branding, Settings, then at the bottom of the page on Add certificate.
Or you can do so when configuring your subdomain by choosing Self-managed SSL.
- Click on Upload body and Upload key to upload the Public and Private certificate keys. As mentioned, the keys should be provided by the certificate authority (CA) that issued your keys. Uploading the Intermediate Certificate Chain is optional.
- Once the keys are uploaded, click on Add certificate.
- In case an error occurs, you will be prompted with an error message detailing the problem, and you will have to start the process from the beginning.
- If the process has been successful, you will be prompted with the message “Certificate added successfully.” You will also be able to see the Certificate status and the date when it will expire. The Add certificate button will now display Replace certificate, and you will now have the option to replace the certificate.
- Replacing the certificate involves the exact same steps as adding a new certificate.
If you want to switch back to the SSL certificate provisioned by Flipsnack, please keep in mind that you will have to set the CNAME again.
If you have any questions or suggestions, feel free to contact us via live chat.