This article is for IT & Networking Specialists using the Global Delivery Network.
If your end users will be connecting directly to the Smartling GDN, then the GDN will need to host the appropriate SSL/TLS certificates to avoid browser security errors when browsing your site. This is most commonly required when you use subdomains or top-level domains for your localized sites. For subfolder configurations, the browser is typically connecting to a CDN, and in that case, the CDN needs to host the certificates.
Smartling can generate certificates for your localized sites using Amazon’s ACM system. The process is as follows:
- Smartling generates the required certificates for your localized sites.
- Smartling sends you some special DNS entries to add to your DNS in order to validate ownership of the domains associated with the certificates.
- You add these records to your DNS.
- Smartling validates the presence of the DNS entries and activates the certificates.
ACM certificates are valid for 13 months and will auto-renew as long as the associated DNS entries are still in place. See https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html for additional information on ACM.
The Global Delivery Network will not operate for your HTTPS pages without the appropriate SSL/TLS certificates.
Provide or Replace your own SSL Certificate
If you opt not to use ACM certificates, you can supply or replace an SSL certificate for a localized domain yourself: contact Smartling Support to obtain login credentials to a secure SSL certificate upload portal, and be prepared to provide the following in PEM or PFX format via the certificate portal:
- SSL certificate
- Private key
- Intermediate chain files
Once we have obtained your new SSL certificate files via this portal, we can complete the installation process.
* If you cannot provide your Private Key, Smartling can generate a Certificate Signing Request (CSR). You can then generate an SSL certificate from this.
If you are not using ACM certificates, we recommend you begin the process to replace your current SSL certificate at least 10 business days before the expiration date. If you’re using ACM certificates, these will auto-renew as long as the associated DNS records still exist.
If you are changing the type of SSL certificate or the domains covered by your current SSL certificate, we may need to have you update the Smartling CNAME your localized domains are currently pointed to via DNS or traffic routing. If you are unsure, contact contact Smartling Support for additional guidance on SSL certificates and the GDN.