A few users have contacted us today to ask about using Certify The Web to get an SSL certificate for use with a software product called Calyx PointCentral.
We strongly recommend getting local professional IT help for your business if these instructions seem complex or are way out of your own IT comfort zone. Certificates can be complicated. The normal operation of your business may be at risk if you are running your own Windows servers but have no professional IT management.
Previously, Calyx had offered a domain and certificate management service which they appear to have discontinued.
If you are seeking to get your own certificate for this product using Certify The Web, try the following: Note: this is best done by an experienced server administrator and requires a basic understanding of IIS bindings, ports and certificates. If you do not know what your “domain” is, stop now and contact a local IT support business.
- Decide what the website is going to be called under your own domain. This can generally be
anythingyouwant.yourdomain.come.g. for this example we’ll use:loans.contoso.com.
Some users are sticking with their original Calyx assigned name e.g. something12.calyxpds.com name, which may work but could stop working at any time in the future if Calyx remove the DNS name from their own DNS. Let’s Encrypt is also now returning an error "too many certificates issued for calyxpds.com
-
Add an A record in your DNS control panel, pointing your name (e.g. loans) to your own Calyx Point server (public) IP address.
-
On your server, open IIS manager and locate your POINT website/application.
-
Edit bindings and add an http binding (http, IP : All Unassigned, Port :80) with your chosen hostname e.g.
loans.contoso.com -
Ensure that TCP port 80 is open on your server firewall
-
You should now be able to browse to
http://loans.contoso.com/admin- if so, you are ready to configure https
Now you can configure your https certificate:
-
Install Certify The Web on your POINT server. You can download it from https://certifytheweb.com
-
Open Certify The Web on the server, select
New Certificate(first time round you will be required to create a contact with Let’s Encrypt, use a real email address, expiry notifications will be sent here) -
Select your site from the ‘Select Site’ dropdown list. The list of domains to include in your certificate should auto populate.
-
Click ‘Test’, this will confirm you have basic http connectivity to your website (not https). The example assumes you will use the default http validation method. See below for the alternative DNS validation method.
-
Now click ‘Request Certificate’, if this completes OK a new certificate will be ordered from Let’s Encrypt (the default certificate authority) and applied to any IIS bindings that match the host name (e.g. your POINT site).
-
You should now be able to access your site (with ssl enabled) at
https://loans.contoso.com/admin -
Further configuration may be required within the application itself (and any client software) if it needs to know what domain it runs from for any reason (links etc).**
If your application is internal only and has no public IP address, it’s a little more complex and you need to use DNS validation instead of http validation to confirm your control of the domain, but the other steps remain the same (DNS Validation (dns-01) | Certify The Web Docs)
Important: If your service is on the public internet, strong passwords must be used as anyone could attempt to access your site. You may wish to make the service internal only and use DNS validation instead of (public) http validation.
If you have successfully used these instructions to configure your service, please comment below with any information you think is relevant to other Calyx Point users who are also trying to configure their system.
If you have been unsuccessful, Certify The Web offer an email helpdesk at support at certifytheweb.com for licensed customers to get specific help with the app, we do not offer telephone support and we do not help you perform basic configuration of your IT systems - seek local professional IT help if you need it.