Enom SSL Certificates
Supported Certificate Types
This module allows you to automate SSL Certificate sales with the Enom platform. This allows you to offer the following types of certificate:
- GeoTrust QuickSSL
- GeoTrust QuickSSL Premium
- GeoTrust TrueBizID
- GeoTrust TrueBizID Wildcard
- GeoTrust TrueBizID EV
- Comodo Essential
- Comodo Instant
- Comodo Premium Wildcard
- Comodo Essential Wildcard
- Comodo EV
- Comodo EV SGC
- VeriSign Secure Site
- VeriSign Secure Site Pro
- VeriSign Secure Site EV
- VeriSign Secure Site Pro EV
Setting up the Product
To setup an SSL certificate product, follow the steps below.
- Create a product as normal - name, description, no domain options, etc...
- Set the billing cycle to One Time and price as the base price for this certificate
- Ensure the welcome email is set to "None" in the dropdown menu as the module sends it's own email
- On the module settings tab, choose "Enomssl"
- Now enter your enom login details and choose the certificate type and length being offered with this product in the fields displayed
- Additionally, you can let the client choose these options on the order form and alter the price accordingly using configurable options. The option names supported to override the default settings are "Certificate Type" and/or "Years" - you can use both, just the years option or even neither.
Register your IP with eNom
Access to eNom's API is restricted by IP address so you will need to register the IP address from which you will be connecting to your account with them. See the IP Registration section below for details of how to do this.
IP Registration (User not permitted from this IP address)
In order to use the Enom API, you must first contact them and let them know the server IP address where you will be connecting from (the server IP address where you have WHMCS installed). This is part of Enom's security measures to prevent unauthorised users being able to submit registration requests to your account.
- Login to your account on the Enom website,
- Navigate to Resellers > Manage > API
- Enter your server's IP address into the "New" field,
- Click "add".
As mentioned above you can allow clients to choose how long the certificate is registered for. To do this you set the product up as normal with a one time cycle and base price of zero.
Setup a Configurable Option Group in the normal way and add an option named "Years" with a dropdown of the year options and prices in the monthly field.
That then shows on the product configuration screen for the user to choose from when ordering and the price charged is the value of the option selected.
For example your configurable option might look like this:
The Order Process
The product will appear in the order process as a regular product which can be added to the cart. No configuration is performed before purchase. Once purchased, paid for, and activated, the user is sent an email containing a link which takes them to configure the certificate in the client area. Once all details have been provided, the configuration data is sent to the Certificate Authority for validation. No manual intervention is required from you.
Due to limitations in Enom's API, SSL certificates cannot be renewed. Therefore your clients will need to place a new order when the certificate period ends and it's due for renewal. This is why we recommend setting up as a one time product in WHMCS.
Should a customer need to reissue their SSL certificate due to a change of server IP address or security breach at the issuer, please refer to this page for instructions: Reissueing Enom SSL Certificates.
User not permitted from this IP address
In order to use the Enomssl API, you must first contact them and let them know the server IP address where you will be connecting from (the server IP address where you have WHMCS installed). This is part of Enom's security measures to prevent unauthorised users being able to submit registration requests to your account.
Bad User name or Password
Ensure the username and password on the Module Settings tab matches with your eNom login details. If the test mode checkbox is ticked ensure you have registered on the test server.
Failure connecting to GeoTrust API
Clients may experience this error when attempting to submit the CSR. This is because GeoTrust, Symantec and Verisign only accept ascii character in the SSL contacts. By default, SSL contacts are using client's Profile contact. When eNom sends the request to them, their parser detects and rejects the connection.
Please re-submit the CSR without ascii (accented) characters in the contact details.
More information is available in this knowledgebase article.
The module create function of this module does not generate a username and password by design. Therefore the username/password fields will be blank under the client's Products/services tab.