Configuring Site Certificates (No CDN)

Alert: Skip this section if you are planning to install the proxy in your datacenters, or use a Content Deliver Network (CDN) such as Akamai for your translated sites. Your certificates will need to be installed on those servers, not the OneLink servers.

HTTPS and SSL Certificates

If your source site has a certificate, for example, https://www.example.com, the translated site should too. There are 3 types of certificates:

  1. Single Domain- covers only one hostname (e.g. www.example.es).
  2. SAN- covers up to 32 hostnames across any number of domains.
  3. Wildcard- covers an infinite number of subdomains on a given top-level-domain (e.g. *.example.com)

Each certificate uses an IP address. Our licensing agreement covers one IP address for you. Additional IP addresses will incur additional monthly fees, so it is important to select the type of certificate that minimizes your costs.

For example, if www.example.com were going into four languages (French, Italian, German and Spanish), to avoid additional cost, you would use option 2 (SAN) or option 3 (Wildcard). The SAN certificate would need to have all four domains spelled out: www.example.fr, www.example.it, www.example.de and www.example.es.

If you use a Wildcard certificate, it will need to cover all the translated subdomains in scope. For example: *.example.com for es.example.com, de.example.com, and fr.example.com.


Required Certificate Procedure

  1. Ask your OneLink Implementation Manager for a CSR form (a Certificate Signing Request).
  2. Fill out the CSR and return it to your OneLink Implementation Manager. All contact-related fields in the CSR sheet should refer to your company, not Translations.com.
  3. The OneLink team will generate an actual Certificate Signing Request (CSR) and give it back to you.
  4. Follow the normal CSR procedure within your company (contact the person responsible for generating your previous certs). Some CSR procedures will ask which type of webserver you use — the OneLink proxy uses an Apache webserver. Pay the signing authority for the certificate. Examples of signing authorities are Verisign, Thwarte, and GeoTrust.
  5. Return the resulting certificate (CRT) to your OneLink Implementation Manager. A signed certificate will usually be accompanied by an Intermediate CA or Chain file. Translations.com needs both the CRT and CA files.
  6. The OneLink team will combine the CRT and CA files that you acquired with the private KEY file that was used to generate the CSR and will install your certificate on the appropriate servers.
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.