CNAME, SSL Certificates

[allanc]

First, let me say that I know very little about CNAME, SSL Certificates, etc.

I am trialing ZenDesk for my ticketing/help desk.
They suggested that I use a CNAME record to 'redirect' support.mywebsite.com to mywebsite.zendesk.com.
My Web Hosting company created the record and it seems to work.
Reading the ZenDesk site they are suggesting:
"However, because our SSL certificate is not valid for your new address, you must provide us with a SSL certificate. If not, your users may experience certificate errors or be redirected to your default zendesk.com subdomain." from this page.
Is this something that I should / must do?
The only specific specifications that I can find are:
"Before you buy, make sure your certificate authority supports SHA-2 encryption. The CSR file generated in Zendesk uses SHA-2 encryption.If prompted, specify "Nginx", "Apache" or "Apache + mod_ssl" as the desired web server"
If I was to use NameCheap which of the certificates from this page do I need?
By the way - the certificate gets installed at ZenDesk.
Thank you in advance for all assistance.

 

[Markverhyden]

The first option should be all you need.

 

[allanc]

The first option should be all you need.

Reasonable priced.
I really don't want to mess up the information that I provide to NameSpace in terms of wasting my time (or money).
According to Zendesk, I can generate a CSR from within my the application on the Web site.
Is it really as simple as that to get a correct certificate?
I am asking, because as I said at the start of the thread, this stuff is fairly new to me.

 

[Markverhyden]

Reasonable priced.
I really don't want to mess up the information that I provide to NameSpace in terms of wasting my time (or money).
According to Zendesk, I can generate a CSR from within my the application on the Web site.
Is it really as simple as that to get a correct certificate?
I am asking, because as I said at the start of the thread, this stuff is fairly new to me.

Yes, it's pretty simple. Alien of course to a newcomer. Follow their instructions for generating the CSR, send it in and you should be good to go. But make sure all the info you fill in is correct, including the Common Name, which should be yourdomain.zendesk.com.

 

[repairtechinc]

Can help here. At RepairTech we use zendesk for support, and have the same setup. If you go to support.repairtechsolutions.com it will redirect you to repairtech.zendesk.com, which is fine for us. If that's a problem for you, then you'll need to give them your SSL key. I've detailed some recommendations in the event you want to do that.

If you're going to get an SSL key, then I would recommend using either Comodo or Let's Encrypt. The former is going to cost you money, but is a simpler route. The latter is free, and a newer company, but a little but more technically challenging. The easiest route would probably be to call Comodo and tell them your situation, and they can likely help you.

Happy to elaborate if necessary,

Ian

Edit: Getting certs from Namecheap, as you mentioned, is perfectly fine too.

 

[allanc]

Can help here. At RepairTech we use zendesk for support, and have the same setup. If you go to support.repairtechsolutions.com it will redirect you to repairtech.zendesk.com, which is fine for us. If that's a problem for you, then you'll need to give them your SSL key. I've detailed some recommendations in the event you want to do that.

If you're going to get an SSL key, then I would recommend using either Comodo or Let's Encrypt. The former is going to cost you money, but is a simpler route. The latter is free, and a newer company, but a little but more technically challenging. The easiest route would probably be to call Comodo and tell them your situation, and they can likely help you.

Happy to elaborate if necessary,

Ian

Edit: Getting certs from Namecheap, as you mentioned, is perfectly fine too.

Well, the entry level cert at NameCheap is about $11/Yr.
I would rather spend the money than be 'technically challenged'.
EDIT: The redirection Is working.
The issue is that on the ZenDesk site they are suggesting the cert.
Edit-2: The entry level cert at NameCheap is about $11/Yr and is provided by Comodo.
The entry level cert a Comodo is > $70/yr.
What am I missing?

 

[allanc]

Can help here. At RepairTech we use zendesk for support, and have the same setup. If you go to support.repairtechsolutions.com it will redirect you to repairtech.zendesk.com, which is fine for us. If that's a problem for you, then you'll need to give them your SSL key. I've detailed some recommendations in the event you want to do that.

If you're going to get an SSL key, then I would recommend using either Comodo or Let's Encrypt. The former is going to cost you money, but is a simpler route. The latter is free, and a newer company, but a little but more technically challenging. The easiest route would probably be to call Comodo and tell them your situation, and they can likely help you.

Happy to elaborate if necessary,

Ian

Edit: Getting certs from Namecheap, as you mentioned, is perfectly fine too.

I was chatting online with NameCheap and they seem to agree that the last expensive was sufficient.

 

[Markverhyden]

Well, the entry level cert at NameCheap is about $11/Yr.
I would rather spend the money than be 'technically challenged'.
EDIT: The redirection Is working.
The issue is that on the ZenDesk site they are suggesting the cert.
Edit-2: The entry level cert at NameCheap is about $11/Yr and is provided by Comodo.
The entry level cert a Comodo is > $70/yr.
What am I missing?

The reason why they are recommending a cert is because when a user gets the re-direct it will not see a cert for yourdomain.zendesk.com but will see one for zendesk.com. That will generate a mismatch error, target domain is not the name on the cert, on most browsers depending on how they are configured.

 

[allanc]

The reason why they are recommending a cert is because when a user gets the re-direct it will not see a cert for yourdomain.zendesk.com but will see one for zendesk.com. That will generate a mismatch error, target domain is not the name on the cert, on most browsers depending on how they are configured.

Ah!
The light just went on.
Thanks Mark.
And ... in terms of the price difference?

 

[Markverhyden]

Ah!
The light just went on.
Thanks Mark.
And ... in terms of the price difference?

Price? At that price point I'd not really give it any thought. I'd stay with a company that I would expect to last. So that would be Comodo.

Years ago when I got my first domain I went with Alice's Registry. Old school small business open source, blah, blah, blah. Took me two months to get the guy to release it so I move it to Godaddy.

 

[allanc]

The reason why they are recommending a cert is because when a user gets the re-direct it will not see a cert for yourdomain.zendesk.com but will see one for zendesk.com. That will generate a mismatch error, target domain is not the name on the cert, on most browsers depending on how they are configured.

Price? At that price point I'd not really give it any thought. I'd stay with a company that I would expect to last. So that would be Comodo.

Years ago when I got my first domain I went with Alice's Registry. Old school small business open source, blah, blah, blah. Took me two months to get the guy to release it so I move it to Godaddy.

According to NameCheap's Web site they have been in business since 2000.

 

[Markverhyden]

According to NameCheap's Web site they have been in business since 2000.

It's a personal decision in the end. If I was doing this with a ton of websites I'd be much more price sensitive.

 

[repairtechinc]

It costs these companies nothing to make their SSL certs, so they often discount them all the time via resellers. Namecheap and Comodo will be around for the foreseeable future, and your SSL cert will expire in at most 2 years, so not really that big of a deal. I'd just go with Namecheap since it's cheaper for the same product.

Ian

 

[allanc]

It costs these companies nothing to make their SSL certs, so they often discount them all the time via resellers. Namecheap and Comodo will be around for the foreseeable future, and your SSL cert will expire in at most 2 years, so not really that big of a deal. I'd just go with Namecheap since it's cheaper for the same product.

Ian

So, I used NameCheap and their chat support was great.
Would you happen to have a template that i could use to advise my clients?
Thank you in advance.

 

[repairtechinc]

I think we're just using one of their templates

Ian

 

[allanc]

I think we're just using one of their templates

Ian

I can not find any.
I have contacted them via Email and will see what they come up with.
I am not expecting any good news.

 

[Markverhyden]

So, I used NameCheap and their chat support was great.
Would you happen to have a template that i could use to advise my clients?
Thank you in advance.

Template? Not sure what you mean.

 

[allanc]

Template? Not sure what you mean.

Am Email that I can use and modify to advise my clients that I have implemented a ticketing system / help desk.

 

[Markverhyden]

Am Email that I can use and modify to advise my clients that I have implemented a ticketing system / help desk.

Ahh.... Understood.

 

[allanc]

Ahh.... Understood.

Perhaps I should post it in the business / legal forum.
But, some might consider it cross-posting