Certificate Signing Request (CSR) to renew a certificate for a site hosted by GoMembers


If GoMembers Enterprise is hosting a site for you, you may encounter a situation where you get an email with the warning message "The following certificate is set to expire on date": 


Please contact support with the following information: 

  • A screenshot of the email with the warning message
  • Any information from the existing certificate that you wish to change, e.g. Organization, Organizational Unit etc. 

One of our agents will generate a CSR and share it with you. The agent will also share the information that has been entered in the CSR. Please confirm that the information is correct, and then share the signed certificate with the agent. Our SaaS team will ensure that the certificate is properly hosted. 


Note that all hosted GoMembers instances are now behind out AWS services, hence AWS is the frontend where the certificates need to be installed. When a customer raises a support ticket for a CSR, follow the steps below:

1. Generate the Private key and the CSR using OpenSSL by running the following code: 

openssl req -new -newkey rsa:2048 -sha256 -nodes -keyout <customer>.key -out <customer>.csr

where <customer> refers to the customer who raised the ticket. 

2. Once you run the command , you will be prompted to enter the customer's information which will be included in the CSR. For this information, if the customer has explicitly stated what information to enter, enter those. If the customer has not provided this information, enter the customer's information from the previous certificate that is installed. To find the information from the previous certificate (this example is for chrome, but steps are similar for other browsers):

  • Open the Customer's site that is being hosted, and click on the lock icon next to the URL:
  • In the pop-down menu, click on the Connection is secure row
  • In the subsequent menu, click on the Certificate is valid row:
  • In the Certificate properties menu that opens, navigate to the Details tab, and click on the Subject field. The certificate information will be displayed at the bottom: 

3. Share the CRS with the customer, requesting signed certificates in response. Make a note to the customer confirming the information you used in the previous step. 

4. Create a JIRA ticket for the AVOLINITOPS project as a SaaS Request. Share with them the signed certificates and the private .key file which they need in order to install the certificates. A similar request was solved in AVOLINITOPS-3424.

Note: The .key file is sensitive information that could allow a data breach (man in the middle attack) if it is exposed, so be careful when sharing it with the SaaS team; it is best to transfer in a secure manner and not through open communication such as unencrypted email. </supportagent>



Please sign in to leave a comment.