SSL Certificates via WHMCS MarketConnect

From WHMCS Documentation

This page describes a feature available in version 7.2 and above

WHMCS MarketConnect allows you to resell SSL Certificates from Symantec, RapidSSL and GeoTrust with fully automated end-to-end provisioning and deployment.

Control Panels supported for automatic SSL installation

With certain control panels, WHMCS can fully automate the SSL procurement process, generating a CSR, submitting it to the certificate authority and installation the certificate upon issue. This is supported for the following control panels:

  • cPanel
  • Plesk (coming soon)
  • DirectAdmin (coming soon)

For any other control panels, SSL certificates can be purchased and configured manually. Manual configuration requires the user to submit a CSR themselves and can be done self-service via the WHMCS client area.

Landing Pages

The WHMCS MarketConnect SSL Integration includes landing pages that are designed to give you a ready made destination to send your new and existing customers to to learn about SSL and the SSL options you offer. There are 5 pages:

  • Overview (pictured below)
  • Standard SSL DV Certificates
  • Organizational OV Certificates
  • Extended Validation EV Certificates
  • Wildcard Certificates

These can be enabled as part of the activation process to begin selling SSL via MarketConnect. There can also be enabled/disabled at a later time via the Management panel for SSL in Setup > MarketConnect.

Ssl-landing-page.png

Setup and Configuration

To activate and begin reselling SSL Certificates via WHMCS MarketConnect, simply navigate to Setup > MarketConnect within your WHMCS admin area and click the Activate button under the SSL Certificates product offering.

SSL Certificate Automation

cPanel

When ordering an SSL Certificate for a cPanel Hosting Account, WHMCS and MarketConnect fully automates the SSL provisioning process. The following actions will be performed without any manual user interaction:

  • SSL Purchase
  • CSR Generation
  • CSR Submission
  • Domain Ownership Verification
  • Retrieval of Issued Certificate
  • Installation

In some cases, such as orders for OV and EV SSL Certificates, additional steps to complete the extended validation may be required. Once all the extended validation requirements have been completed, the SSL Certificate will be recognised and installed/provisioned automatically.

Required Permissions

For automated SSL CSR generation and installation to be possible, cPanel hosting accounts require the 'sslmanager' permission. This is a package feature list permission that has to be enabled inside WHM for all cPanel packages you wish to be able to work with SSL automation.

Any Other Control Panel

At this time fully automated provisioning is only supported for cPanel.

Ordering an SSL Certificate as a standalone product or as an add-on to anything other a cPanel Hosting Account will require manual input from clients to complete the provisioning process.

Upon submission and payment for an SSL Certificate order, the certificate will be provisioned and the customer will receive an email with a link to configure the certificate. They will be asked to provide a CSR and select an approver email address as part of the configuration process. The approver email will be used to validate the certificate request and the certificate issuance.

Supported Client Actions

Retrieve Certificate

Clients can retrieve and download certificates that have been issued at any time from the WHMCS client area.

Screenshot 2017-05-10 14.34.48.png

Update Approver Email

Clients can update the approver email for a pending certificate at any time via the WHMCS client area.

Screenshot 2017-05-10 12.09.51.png

Reissues

Clients can self-service reissue SSL certificates at any time via the WHMCS client area.

Screenshot 2017-05-10 15.48.52.png

Supported Admin Actions

Many actions are available once a certificate order has been created.

Check Status

The order status can be obtained by clicking this button. The order information will be provided in the InfoBox output. It will display the order status within MarketPlace and also the remote order status, so it is possible to see the validation status of the certificate.

The check status button will appear when the certificate status is anything but Cancelled.

Resend Configuration Email

The resend configuration email button will appear when the certificate remote status is Awaiting Configuration.

Retrieve Certificate

When the certificate has been issued, the Retrieve Certificate option can be used to obtain the full certificate to be installed. This option can be used should the client not receive the certificate via email

Install Certificate

If the certificate has been ordered as an Addon product with a cPanel module, and has been issued, the Install Certificate option will be available. This option can be used to install or reinstall the certificate within the cPanel account.

Configure Certificate

Manually configure a pending SSL certificate by uploading a CSR and providing admin contact information for the certificate. Supports both Email and File based authentication.

Troubleshooting

The following are some common problems and solutions.

cPanel: Key Generation Failed: (XID xxxxxx) You do not have the feature “sslmanager”.

This error message suggests that the cPanel hosting account that the SSL certificate is attempting to be provisioned for does not have the required 'SSL Manager' permission. This permission is a required permission for automatic SSL CSR generation and installation to be possible for WHMCS. The SSL Manager permission is a package feature list permission that has to be enabled inside WHM for all cPanel packages you wish to be able to work with SSL automation. After adding the necessary feature to your cPanel packages, you can retry the automated provisioning again by setting the SSL Certificate product back to Pending and clicking the "Resend Configuration Data" module command button which should be available when viewing the SSL product within your WHMCS installation.