Need guidance on how to purchase an SSL certificate

Paul Ciarfella · ‎04-18-2016

We are developing an integration with a third-party ticketing system. The third-party requires us to support mutual authentication (I know, one way to the 3rd party, not to SNOW).

So I'm trying to have our IT MSP purchase SSL certificates for our instances (blah.service-now.com, blahtest.service-now.com, blahdev.service-now.com). We cannot use a self-signed certificate (otherwise I would've done it myself). And I cannot purchase the certificate myself.

Our company's authority is Semantec. Our IT vendor is saying that Semantec cannot create the SSL certificate without getting approval from Godaddy, which is ServiceNow's authority. Supposedly Semantec has contact ServiceNow but is not getting any response. I put a ticket into HI but they don't understand my problem.

How have others purchased their own certificates? Is this really an issue, or is my IT MSP just confused as to what they need to do?

Paul Ciarfella · ‎05-05-2016

Our solution is going to be to create a DNS record with a service name like servicenowprod.companyname.com, where we have root certs already for companyname.com. We can then create the client certificate off that.

I was stuck on the idea that I needed to have the instance URL from service-now.com be the FQDN in the certificate. But that's not required.

View solution in original post

Paul Ciarfella · ‎05-03-2016

We cannot use self-signed certificates.

Our SN sales team is coordinating a meeting between SN field security and our MSP to settle the issue.

Paul Ciarfella · ‎05-05-2016

Our solution is going to be to create a DNS record with a service name like servicenowprod.companyname.com, where we have root certs already for companyname.com. We can then create the client certificate off that.

I was stuck on the idea that I needed to have the instance URL from service-now.com be the FQDN in the certificate. But that's not required.