1. Open Time Tracker
2. Click on Domains
3. Find the Domain you are Renewing, if the CSR & Private Key already exist skip to step 15
4. Go to https://csrgenerator.com/ to create a CSR and Private Key
• Be sure to spell out the state in full - no abbreviations
• Enter "i4" in "Organizational Unit"
• Enter the Domain Name in "common name" WITHOUT the "www"
• Select "2048" from the key size choices
5. Copy the CSR and Private Key to Notepad++ and save each section as a separate file
• Example: if the site domain is www.domain.com
• save the section between "-----BEGIN CERTIFICATE REQUEST-----" and "-----END CERTIFICATE REQUEST-----" as a file called domain.com.csr (be sure to include the "begin" and "end" lines)
• Save the section between "-----BEGIN PRIVATE KEY-----" and "-----END PRIVATE KEY-----" as a file called domain.com.key (be sure to include the "begin" and "end" lines)
• Copy & Paste the CSR into the CSR Field in Time Tracker
• Copy & Paste the Private Key into the Private Key in Time Tracker
• Update the SSL expiration date in Time Tracker to todays date
6. Go to https://certs.secureserver.net
   • User: i4solutions
   • i4Domain$2001
7. Search for domain
8. Click on Domain
9. Click on Rekey & Manage
10. click on Re-Key certificate
11. Paste in the new CSR
12. Click Save
13. Scroll to the bottom of the page - Click Submit All Saved Changes
14. You are now at the Certificate Request Verification Step - Wait 5 minutes then REFRESH the page
• If Domain Ownership is required
  
  • If i4 is DNS then we can add the text record
  • If i4 isn't DNS the client has to add the text record or provide us with their DNS login so that we can update the text record. Example of text record pm6brbkiffo7k2mmgk6l7u4cc0 provided on https://certs.secureserver.net/cert 
• Download the html file and upload it to the website's www folder 
• File Path example if the site is on shared1 and the domain is www.example.com: \\shared1\com\domain.com\www
• Click the "Check My Update" button - if the site is not able to be verified be sure to check the domain name is correct and the site is pointed correctly to our server.
15. Download and unzip the SSL certificate (Select IIS from the dropdown box) 
16. Click "Download Zip File"
17. Find the file on your computer, right click on the folder, and click "Extract All" from the options to unzip it.
18. Go to https://www.sslshopper.com/ssl-converter.html to convert the file to the necessary .pfx file format
• Upload the .crt (Security Certificate) file from the SSL Zip file
• Leave the "type of current certificate" set to "standard PEM"
• Select "PFX/PKCS#12" from the "Type to convert to" drop down box
• Upload the Private Key file
• Enter "salt144.17" in the PFX Password field
• Click "convert certificate" - It will download the PFX, Once it is downloaded change the name of the file to their "domain.com". Once saved the name will show as "domain.com.pfx"
• Click "convert certificate" again - change the name to "www.domain.com.pfx" Once saved the name will show as "www.domain.com.pfx" (If it is a sub-domain only use the domain without www. RIGHT: ut.pinnersconference.com WRONG: www.ut.pinnersconference.com).
  
  
  
  

  Send PFX file to Dave DO NOT LOOK DOWN!!!

  
  
  
  
  
  
19. Go to Command Center to look up the server the website is on. Click here for instructions. If it isn't on shared 1 or shared 2 you will not be able to install it. Follow the instructions below. DO NOT continue with numbers 16-20. (Open the images below to see examples on how to complete these steps)
    • Upload the 2 files (1 file if it is a sub-domain) you downloaded to the server certificate store for the site. The Server Certificate store is on your computer under Networks. Copy the example below, change the 1 to 2 if you decide to use Shared 2, paste it in the path in your directory on your computer.
      i.  example: if the site is on shared1 the file path would be \\shared1\Certificates
      ii. Copy the domain with and without the www and paste it in the certificate store (If it is a sub-domain only use the domain without www. RIGHT: ut.pinnersconference.com WRONG: www.ut.pinnersconference.com).
    • Tell Dave which of the two servers you added the pfx to so that he can complete the set up.

      16. For domains on Shared1 or Shared2: (Open the images below to see examples on how to complete these steps).

• Upload the 2 files (1 file if it is a sub-domain) you downloaded to the server certificate store for the site. The Server Certificate store is on your computer under Networks. Copy the example below, change the 1 to 2 if it is on shared2, paste it in the path in your directory on your computer. 
  i. example: if the site is on shared1 the file path would be \\shared1\Certificates
  ii. Copy the domain with and without the www and paste it in the certificate store (If it is a sub-domain only use the domain without www. RIGHT: ut.pinnersconference.com WRONG: www.ut.pinnersconference.com).

1. Go to the site Details in Command Center
2. Check the checkboxes next to each site URL under "Bindings"
3. Click the green "Save Bindings" button 
4. Wait 15-20 mins and test the site using the "https://www.domain.com" protocol.

PFX and Server Certificate Details (click on the images to enlarge)