Securing Your Custom Domain in Supportbench: A Step-by-Step SSL Certificate Guide
Overview
When using a custom domain for your Supportbench portal, implementing an SSL certificate is a critical step. It encrypts all communication, builds customer trust by enabling HTTPS, and ensures compliance with modern security standards. Without it, users will see "Not Secure" warnings in their browsers, and sensitive data will be at risk.
This guide provides a complete walkthrough for generating, exporting, and installing an SSL certificate for your custom domain in Supportbench. We will focus on the required .PFX file format, which includes the certificate, intermediate certificates, and the private key.
An SSL certificate is a non-negotiable requirement for any custom domain connected to Supportbench.
Data Encryption: Secures all data exchanged between your users and the support portal, including login credentials, ticket information, and personal details.
Customer Trust: Provides the secure padlock icon in browsers and enables https access, assuring users that your portal is legitimate and secure.
https
Attack Prevention: Protects against common web threats like "man-in-the-middle" (MITM) attacks.
Compliance: Helps meet data protection and privacy regulations such as SOC 2 and GDPR.
Professionalism: Avoids browser warnings that can erode user confidence and damage your brand's reputation.
Before generating a certificate, ensure the following two steps are complete.
You must own or have administrative access to the custom subdomain you intend to use. This will be the public-facing URL for your support portal.
Example: support.yourcompany.com
support.yourcompany.com
Log in to your domain registrar (e.g., GoDaddy, Cloudflare, Namecheap) and create a CNAME record that points your custom subdomain to your default Supportbench address.
Type: CNAME
CNAME
Host: support (or your chosen subdomain prefix)
support
Points to: yourcompany.supportbench.net
yourcompany.supportbench.net
Allow time for DNS propagation before proceeding.
The CSR is a block of encoded text containing your organization and domain information. You will submit this to a Certificate Authority (CA) to request your SSL certificate. Using IIS Manager on a Windows server is a common method for generating a CSR.
Open IIS Manager: On a Windows Server, open Internet Information Services (IIS) Manager.
Navigate to Server Certificates: In the center pane, double-click the Server Certificates icon.
Create Certificate Request: In the Actions pane on the right, click Create Certificate Request....
Enter Distinguished Name Properties:
Common Name: Enter the exact fully qualified domain name (FQDN) you want to secure (e.g., support.yourcompany.com).
Organization: Your legal company name.
Organizational Unit: Your department (e.g., IT or Support).
IT
Support
City/locality, State/province, Country/region: Fill in your company's geographic details.
Configure Cryptographic Provider:
Cryptographic service provider: Leave as the default (Microsoft RSA SChannel...).
Microsoft RSA SChannel...
Bit length: Select 2048 or higher.
2048
Save the CSR File: Specify a location to save the generated .txt file. You will need the contents of this file for the next step.
.txt
Submit the CSR to Your Provider: Purchase a single-domain SSL certificate from a provider (e.g., DigiCert, GoDaddy) and submit the text from your CSR file to begin the validation process. Once approved, the provider will issue your certificate files (usually a .crt or .cer file).
.crt
.cer
Once your certificate is issued, you must first install it on the same server where you generated the CSR to pair it with its private key. Then, you will export them together as a single .pfx file.
.pfx
Download the certificate file from your provider and save it to your server.
In IIS Manager, return to the Server Certificates section.
In the Actions pane, click Complete Certificate Request....
Browse to the certificate file (.crt or .cer) you received from your provider.
Provide a Friendly name to easily identify the certificate (e.g., support.yourcompany.com SSL).
support.yourcompany.com SSL
Select the Personal store for the new certificate.
Click OK. Your certificate is now installed on the server.
Open the Microsoft Management Console (MMC) by typing mmc in the Run dialog (Windows Key + R).
mmc
Go to File > Add/Remove Snap-in....
Select Certificates and click Add. Choose Computer account, click Next, select Local computer, and click Finish, then OK.
In the console tree, navigate to Certificates (Local Computer) > Personal > Certificates.
Locate the certificate you just installed using its friendly name.
Right-click the certificate, then go to All Tasks > Export....
In the Certificate Export Wizard, click Next.
Select "Yes, export the private key" and click Next. This is the most critical step.
On the Export File Format screen, select Personal Information Exchange - PKCS #12 (.PFX).
Check the following boxes:
Include all certificates in the certification path if possible (Highly Recommended)
Export all extended properties
Click Next.
Set and confirm a strong, secure password to protect the private key within the .pfx file. You will need this password to upload it to Supportbench.
Save the file as yourdomain.pfx and finish the wizard.
yourdomain.pfx
You now have the required .pfx file. The final step is to upload it to your Supportbench account.
Log into your Supportbench instance as an administrator.
Navigate to Configuration > Account Settings > SSL.
Click the option to upload a new certificate.
Select the .pfx file you just created.
Enter the secure password you assigned during the export process.
Save the changes.
After saving, allow a few moments for the system to apply the certificate. You can then test your custom domain by navigating to https://support.yourcompany.com.
https://support.yourcompany.com
Was this article helpful?
Thank you for your feedback!
You are related to multiple companies. Please select the company you wish to login as.