search-icon

You can point a B2B portal to your own custom domain name rather than the default DEAR portal address. There are four steps to this process. 

  1. Configure the DNS: You will need to create an entry on your domain hosting provider's DNS server that points to your B2B Portal permanent address (<your_portal_name>.dearportal.com).
  2. Download an SSL certificate: You will need to set up a SSL certificate to ensure security of the payment information that you collect from your customers.
  3. Convert SSL certificate to .pfx or .p12f format:  The SSL certificate must be in the right format for the DEAR B2B portal. 
  4. Setting up the Custom domain in DEAR B2B: In DEAR, enter the custom domain name and SSL certificate to complete binding the custom domain. 


Only one custom domain name per B2B portal is allowed. Please note that www.<yourportalname>.com and <yourportalname>.com count as separate domain names. We recommend using simply <yourportalname>.com


NOTE: At the time of renewing the SSL certificate, make sure to remove the custom domain and add it again with a valid SSL certificate generated through the 4 steps mentioned above


Prerequisites


Table of Contents


Step 1: Configure the DNS

[back to top]


Once you have bought a domain name from your domain registrar, you must point the domain to your DEAR B2B portal. These steps may vary according to the domain registrar, your domain registrar's knowledge base or support team will be able to provide you with specific instructions. 


Only one custom domain name per B2B portal is allowed. Please note that www.<yourportalname>.com and <yourportalname>.com count as separate domain names. We recommend using simply <yourportalname>.com


In this example:


The customer can choose to point either the first level domain name (abc.com) or second-level (b2b.abc.com) at the B2B portal (abc.dearportal.com). The type of records that should be added is different in each situation. You will need to log on to your domain registrar account to make these changes. 

  • First-level: In this situation, the customer wants to load the first level domain. abc.dearportal.com → abc.com. An A record should be added & pointed to 20.25.113.39

Second-level: In this situation, the customer wants to load the second-level domain. abc.dearprotal.com → b2b.abc.com. A CNAME record should be added which points it to the B2B portal (abc.dearportal.com for our example).


You can verify if the pointing is done correctly by running a "dig" on Mac Terminal and "nslookup" on Windows Command line to verify if the pointing is done correctly.

  • For the first level domain, it should point to 20.25.113.39


    >> dig abc.com
    ;; ANSWER SECTION:
    abc.com.    3600    IN    A    20.25.113.39

  • For the second-level domain, it should point to the dear portal (abc.dearportal.com)
    >> dig b2b.abc.com
    ;; ANSWER SECTION:
    abc.dearportal.com. 3600 IN CNAME dearportal.cloudapp.net.
    dearportal.cloudapp.net. 10    IN    A    20.25.113.39



Step 2: Download SSL certificate

[back to top]


After configuring your custom domain name DNS records, you will need to set up a SSL certificate to ensure security of the payment information that you collect from your customers. Most domain registrars are also able to provide SSL certificates, however you may have purchased an SSL certificate from another provider. 


There are different steps to setting up your SSL certificate depending on your custom domain and SSL providers. In some cases, you will need to convert the SSL into the correct format in order to use it. 


Both domain and SSL certificate are obtained from same provider

[back to top]


This is the easiest method, but the exact steps may vary depending on your provider. When buying a SSL certificate from the same provider as your custom domain, simply select the SSL certificate you want to purchase, then select the domain it should be associated with. 


Once the SSL certificate purchasing is complete, download all the associated files and move to step Convert SSL certificate to .pfx or .p12 format


Domain and SSL certificate are obtained from different providers

[back to top]


When buying an SSL certificate from a different provider than your domain provider, you may need to generate a certificate signing request (CSR) for the website's domain name (or "common name") before you can request the SSL certificate. This step takes place after purchasing an SSL certificate and activating the SSL credit.


A CSR is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It is usually generated on the server where the certificate will be installed and contains information that will be included in the certificate such as the organisation name, common name (domain name), locality, and country. It also contains the public key that will be included in the certificate. A private key is usually created at the same time that you create the CSR, making a key pair. 


A certificate authority will use a CSR to create your SSL certificate, but it does not need your private key. You need to keep your private key secret. The certificate created with a particular CSR will only work with the private key that was generated with it. So if you lose the private key, the certificate will no longer work.


How you generate a CSR depends on the type of certificate you're requesting and your operating system/control panel. Click your server type for instructions (source - https://ph.godaddy.com/help/generate-a-csr-certificate-signing-request-5343:


After you create a CSR, you will need to submit it to your SSL certificate provider and request your certificate. How you request a certificate is dependent on the type of certificate you have:


Once the SSL certificate purchasing is complete, download all the associated files and move to step Convert SSL certificate to .pfx or .p12 format


Using Let'sEncrypt (free SSL tool)

[back to top]


LetsEncrypt is a certificate authority that offers free SSL certificates that you can use for the custom domain name of your DEAR B2B Portal. There are other certificate authorities that you can use, but LetsEncrypt not only offers free SSL certificates but makes certificate generation easy.


Before generating a free SSL certificate, you need to complete Step 1: Configure the DNS


NOTE: The instructions in this article assume that you have a basic understanding of Linux usage/commands and shell access to an Ubuntu Linux  web server. If you do not have shell access (or something similar) to your web server, your hosting provider might be able to assist you in generating a SSL certificate for the custom domain name of your DEAR B2B Portal.


To generate a LetsEncrypt SSL certificate, follow the steps below.

  1. Log on to your web server from any computer.
    ssh [user]@[server-address]
    su
  2. Install Certbot in usr/bin/certbot.
    apt-get install software-properties-common
    add-apt-repository ppa:certbot/certbot
    apt-get update
    apt-get install certbot
  3. Stop any running instance on the web server.
  4. Generate the SSL certificate using the subdomain name as the certificate name.
    cd [certbot directory] ## /usr/bin
    service apache2 stop
    ./certbot certonly --standalone -d [subdomain.domain.tld] 
    service apache2 start
  5. Navigate to the directory where the certificate was saved.
    cd /etc/letsencrypt/live/[subdomain.domain.tld]
  6. Convert the certificate to PFX format.
    openssl pkcs12 -export -out [subdomain.domain.tld].pfx -inkey privkey.pem -in cert.pem -certfile chain.pem
  7. Enter a passphrase for the certificate. You will need this passphrase when uploading the certificate to DEAR.
    Enter Export Password: 
    [passphrase-you-create-here]
    Verifying - Enter Export Password: 
    [passphrase-you-create-here]
  8. Copy the certificate to a downloadable location on the server. This is to ensure that you can download the certificate via secure FTP or some other protocol.
    cp -p /etc/letsencrypt/live/[subdomain.domain.tld].pfx /home/[user]
    cd /home/[user]
    chown [user] /home/[user]/[subdomain.domain.tld].pfx
  9. Open a new terminal and copy the certificate to your computer.
    cd ~/Downloads/
    scp [user]@[server-address]:/home/[user]/[subdomain.domain.tld].pfx .
    [user-password] or [ssh-key]
    ls -al | grep .pfx
  10. Log on to your domain registrar account and change the DNS CNAME in your DNS Zone records in the following format:
    [subdomain.domain.tld] CNAME [subdomain].dearportal.com.
  11. Wait until the DNS CNAME TTL times out.
  12. Upload the certificate to DEAR B2B Portal by going to to https://inventory.dearsystems.com/Portal, then creating a new portal configuration. 
  13. Under the Custom Domain for portalsection, set the following:
    Custom Domain Name (URL): [subdomain.domain.tld]
    SSL Certificate file: Choose File ~/Downloads/[subdomain.domain.tld].pfx
    SSL Certificate password: [passphrase-you-create-here]
  14. Click Set Custom Domain.
  15. On the terminal that you opened in Step 9, test the certificate.
    curl -svo /dev/null https://[subdomain.domain.tld] --tlsv1.2
  16. Delete the certificate.
    rm -rf ~/Downloads/[subdomain.domain.tld].pfx
  17. In a browser, go to http://[subdomain.domain.tld] and check that the DEAR B2B Portal is active with the free LetsEncrypt SSL Certificate.


IMPORTANT! LetsEncrypt SSL certificates expire after 90 days. To ensure that the SSL certificate for your custom domain does not expire after that period, set a CRON job on the server to automatically renew the SSL certificate every 90 days, and set an email reminder to manually upload the regenerated SSL certificate back to DEAR. 


Step 3: Convert SSL certificate to .pfx or .p12 format

[back to top]


Your SSL certificate must be converted to .pfx or .p12 format if it is not already in that format. This can be done using the site https://www.sslshopper.com/ssl-converter.html.

  1. Certificate File to Convert: The SSL certificate that has been download from the SSL provider.
  2. Private Key File: Private key file or CSR downloaded from SSL certificate provider.  
  3. Chain Certificate File 1 (optional): If your SSL provider gives you Chain Certificate Files, please use the by converting them to the correct format. There Chain Certificate Files will further validate the SSL files.
  4. Chain Certificate File 2 (optional): If your SSL provider gives you Chain Certificate Files, please use the by converting them to the correct format. There Chain Certificate Files will further validate the SSL files.

  5. Type of Current Certificate: The format of the certificate file to convert. This is an important step.
  6. Type to Convert to: Select PFX/PKCS#12.
  7. PFX Password: Enter a password into this field and make a note of it. Do not share this password, keep it safe!. You will need this password for Step 4.


Step 4: Setting up custom domain and certification in the DEAR Portal

[back to top]


The final step is to configure the custom domain and certification via the DEAR web inferface. From your DEAR account:

  1. Go to Integrations → DEAR B2B Portal → [selected store], and the General tab.
  2. Select Configure custom domain name.
  3. Enter the custom domain name, select the SSL certificate in .pfx or .p12 format, and enter the SSL certificate password entered in step Convert SSL certificate to .pfx or .p12 format
  4. Click Set Custom Domain to finish.


If you have done the above correctly you Should be able to use the first level (abc.com) or the second level (b2b.abc.com) as shown below. A padlock icon should be visible and you should be able to browse the B2B portal.

 



Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.