Provide SSL Certificates (Optional)

Bloomreach provides SSL certificates for the bloomreach.cloud domain out of the box, and can also manage certificates for your custom domain through Let's Encrypt. If these are sufficient for your use case, you can skip this page and continue to Configure Domains.

Introduction

Goal

Securely provide the Bloomreach Cloud team with SSL certificates for your domains.

Background

To be able to configure domains, setup Cloudflare CDN that comes with your stack, and go live, it is required that the relevant SSL certificates are in place. Bloomreach provides certificates for the bloomreach.cloud domain out of the box. Optionally, you can provide your own SSL certificates for your domains to the Bloomreach Cloud team so they can install them in your stack.

To prepare sharing your SSL certificate follow these steps:

  • create PEM formatted private key in plain text file, unencrypted (no password), e.g. a file called yourdomain.key
  • create PEM formatted certificate in plain text file, e.g. a file called yourdomain.cert
  • if your certificate provider provided a set of intermediate certificates, please include them in the certificate file above in reverse order, after the primary server certificate. See for example this documentation.

To share the certificates in a secure way:

  • encrypt the two plain text files above with Bloomreach Cloud team's PGP key published below and also available from popular key servers. You can use this pgp tool to encrypt. Check out its FAQ for more information.
  • share the two encrypted files with Bloomreach Support through the Customer Support Portal. Bloomreach will remove the encrypted certificates from the system after uploading to your stack.

Note: You can check compatibility between your private key and certificate by using following commands:

openssl pkey -in privateKey.key -pubout -outform pem | sha256sum
openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum

Outputs of the above commands should be same.

PGP Public Key

PGP public key for [email protected], fingerprint 53D6314B3FFD3D5587C1613A0884B4F0842336B7
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFwFLOUBEAClGU63I1yh1uya4HXPThBDhO3QHFWPbhxupsFFJshYDj5hITEM
Tp/27bJujbhdnnE5ouNTHteFA3bIyCKTzdZN3/x5UMi4cy6Oon6jAv90zhDPtm5e
KULHE0Vi60k6NUyPy1PHyhs/jTMI1TNc8zNahOggOL/kJQd+EA0XSmOeQYs0uqBb
P7VsotoNiUeuW8BwIyR+zLztRTYFUOmRuf5VJYkj80JgS+iNnoDcqzEaGAJ3QGw3
DKytwDDRZV7O5GhksT76gGYBrmar4RfmwPRLopXRKJ9EKIVXW3wzN6UnEXQ9HmhJ
7U+fI9bmwRcpVky6Zy+sVlBGDsYDWJCOjMwhy4b+P2wkCYfppaqbpmHs8rab7dq/
U4ic+K0Fvv6CJKyT8MuFDv+wPIP9KtLphg4FvpFS1tRLJ0q5h/SZhkrHNcT7VYXa
/yxrHwO1yNUNkNXOdQZCeVz4GL82vsrZ/eiwXYF9mKtTKwev5vXkrKu3vXz5FmiG
ECMfDMgXow63LdtSHbEhg4VJOfR4gO9VBo0Tzxql/BuJLtypvaxxsuiTUIgw31WO
KKHF1BYZab87BN4ZxmvJ+0D1BvqCFwq3vwdmGlUBPpKbdNgAhTv2zv96wqT1wpkh
GnqUh8AI8aE7fvXmU2EmYJexLGymM97pixIEGiTyKi1J+VrNsgDMMAjx2QARAQAB
tDBCbG9vbXJlYWNoIENsb3VkIDxoaXBwby1vbmRlbWFuZEBibG9vbXJlYWNoLmNv
bT6JAk4EEwEKADgWIQRT1jFLP/09VYfBYToIhLTwhCM2twUCXAUs5QIbAwULCQgH
AwUVCgkICwUWAgMBAAIeAQIXgAAKCRAIhLTwhCM2t4/XD/9YD2q4hSuMBOM2bS8O
cYIDhe4dzO017CRwHBvPDcb/gRaL252nQqnCJCa9qKTxrcAZ6OBQ14vkb5LR0/g3
N5ZrViXPg/+uYH++FbCjX3/UXBnlgb3zO5S37a/V13i79zbP4EglRfMcvH/sE2o8
SwcgSH2BtW6yP2SsQIwbpnFMcfqunNo6pVPtBS/JvrqRod5CAp1yYSiT8qqEw6sj
+1BO9OOxHwuwUqJEY9MXLf8DyZaO15Gghyhsti3w6KIVdFJS2vuEY1Qrp31o0KIB
luQFeZtQ275aO92zkb79VJFVzRA10/yBsU7J59jv2j9LF0fnOxWlg6ks0Y3N18Rk
+yrBSJI5PQz5jD5zOIMk3lkU9XkzS3W6GWXDwO2s/NKOtgZtoyMp0Rk1z+Ddb2A5
aNDyOk5RgC4GJyMg6j+jMZzeqEKgBV6fdeNaCMiTI3S+L4B/Hkv6rqb/fup+hw/I
wyUlBExT0sZioFXAEYoPznJ8SiXsTkV1ZLB1PslcnFA8sEeMn/JidDXjh8wnKjOd
LK6ualpRLP6coicP3SkQkU1iGI2DgmHsKuxuYSnWJo9ENl6CAynOpDJMxpwBCAEb
owQMhcEgbdmKvE/VFs3lUm18iVmVFN9AtegYupdhJs5X9CLjmqLCtCytMI/XCL+k
rsKSOxTillQlbDNMOkUMQGpXxrkCDQRcBSzlARAAq1YP3cBTP4u+YeGBK28FDo1O
Pe+xXCzfqp6YFuvNRp4Yo84dbwZK+dOmEInABBKrOsUFdyH/nYumrzk4DkisDB8Z
vvO3gdss54F5AIIV8KsIeh4vSascoo6ZOt9GVBgMHfYqA9YgmyUB1kOhxVUp0yvp
HfKGTks6APnCngR3rGNj9RHYdus+TYQEZ2k/it6WxRyg4nrSncbEN+LqUETpoE5f
pDSxWV9xGBwXGTUk+ZdNyIJrTn9+b8ARGdJtmozCm6HaKJ4gzH4EwrzcGRt2nWbb
Z29RHDJ/d1ERUAV4fPFi2mupbOagGVuJ4fDvYJR3382diLrnDcu0q/3a4kvBDWcm
Id6TzvRjfxurUNQQLkW4W6xIG0A0QZWxcAdSneK8RA/7f86Xt46Iz55Bbit8uUPZ
YQtTj3UeOaEmB6p8dqje4fRTY0V8SwODZh8M56xziG2IoS30JZD2Bqyj3E1DqVc2
HEYLOmQZMfR15VWl2/eFLvFYPoP91so7tzQ4R+n/65I2RcadkzfNxTWDkr1H2WXv
0CZvJpGu+6gb6rgUbGUNsDo7CY/lbZn+FK+Hpuf6jXKNmRMlmzEUXkZDXYDl+ZjN
MiHU+UIV4eZ5LFLu76T4NMBv7uVeEYRRr3DT5BevGLCqipQ7KBph6P7c5dGPAVE0
ELQC62DvFQ52ah3ibvMAEQEAAYkCNgQYAQoAIBYhBFPWMUs//T1Vh8FhOgiEtPCE
Iza3BQJcBSzlAhsMAAoJEAiEtPCEIza3hgsP/i21a2/ndsTHOIXeGuHXSjCPXC1f
1HsAZ4z0SPTsKiz2vysVfYH6G4ftJumrF/PZB5MNItwLJ9MlsD+KlRX4TSN7sjxR
EwSVNVuN976S/WkYew7RqjK15Gs2Vz5ti7fZrarIs0p2xYlGZHuKHbg+cm+yt5pN
eQbLaGY4KGFczi/FnA0aNSKxRBQk6k1hO2sJsDXfIcY9AMw09vHx8fvEw6UIhExk
8IsE5mVBy6ybohMMfgUrVQED5LeGfzVB94fEMo34mwg6dEFVLPPStfI2ntk9mp2H
VIm2PiJj+38IMOITLQoQfhn7AOfDHxifOt+dat7BJBn2snsFkLkupf4kSB3krHql
PJHoDohQbI+2a2fFKmPLL7s+e8GIpFG8WqgCBz6CWLdjstL1TQTsMU6p3Odz90gP
BC1AbvM14lqgCyrtrhkS7jsbb2Soan25kOBo21Ako7aeVYamIalYmi4GJesEZo5C
o2m5cma2InPf99gXuoGvfvCuq1UP1BZbty93fCO4cBG0VPc7KYMNPc5rhVwS+C3V
/m24OzcBMMVW9nIvYBtlye4TLdq20oZDIhb2m9q8pFfWegxg330sNO7W43BhQeHG
6SgN45CXztvHFJCBFWhHA4hfKSbhkf2HFdQ6HFuC/yeFONrHLvqYg0qLnsIaTfcG
ckZPrUbsQRR1A/o7
=2MfL
-----END PGP PUBLIC KEY BLOCK-----
Did you find this page helpful?
How could this documentation serve you better?
On this page
    Did you find this page helpful?
    How could this documentation serve you better?